{"report_id":"953a92b7-208a-4826-b408-0dbb132bdfe5","version":0,"status":"done","tags":[],"date":"2026-06-24T12:17:34Z","url":{"schema":"https","addr":"heodox.com/","fqdn":"heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"69.67.173.34","port":0,"asn":30295,"as":"2ICSYSTEMSINC","country":"Canada","country_code":"CA"},"final":{"url":{"schema":"https","addr":"app.heodox.com/","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"title":"Heodox: Most Popular Online Crypto Casino Based on Blockchain","dom":{"size":1071642,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (60588)","md5":"a20e6f3a0e3dfd9559f94e705ce35add","sha1":"6ea2d7a0ab5578fbc005261af02b7de5b8d90a55","sha256":"18cddeacb8a882802349058ed55d0cd0b8171a86b44958cf2fc1174cabec973d","sha512":"25577552a1d83236bd8a98271d166a38e8bf409e60c51b33bdc6fbb634de808205992decce25a903e30fc1a504cdbce765bab8f9528ad8d6beb92ff1e7525d89","ssdeep":"12288:SWJ24cvYrexWJ24cvYFSN87vIomx0wgH+vVKSN87vIomx0wgH+vVp6:j/cEeg/c7NgvIh/VvNgvIh/Vp6","tlshash":"9935cfb963580af4f34997ded961786832fa34ffbff58048d2162e8601a999d4d0c8d3","dom_hash":"domhash256027d961fb4f4d3674dc7184901c72","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"heodox.com/","fqdn":"heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"69.67.173.34","port":0,"asn":30295,"as":"2ICSYSTEMSINC","country":"Canada","country_code":"CA"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-29T12:17:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"app.heodox.com","ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-04","domain_rank":0,"first_seen":"2026-06-24T12:14:59.039208Z","last_seen":"2026-06-24T12:14:59.039208Z","alert_count":204,"request_count":68,"received_data":21292203,"sent_data":50834,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"heodox.com","ip":{"addr":"69.67.173.34","port":443,"asn":30295,"as":"2ICSYSTEMSINC","country":"Canada","country_code":"CA"},"domain_registered":"2026-06-04","domain_rank":0,"first_seen":"2026-06-06T21:26:03.765356Z","last_seen":"2026-06-24T12:12:13.53662Z","alert_count":3,"request_count":1,"received_data":225,"sent_data":479,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/249-0939437a59f2504a.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c3f51dd99a0be861049ebd4632a3542e","sha1":"3d08751beaf09ce31d44722d42da0650b0fc914c","sha256":"10976f7c91d6bbc5f35b9cd987501ad59a99b2a162a74b0ecbc9341afd0322d4","sha512":"4d67fb8e55edf461b142a253a2a20b675c1e9bf2c65ccee6af44d85dcf05b0467b1ce35a7f96a0f8cacf5c0e5c22ff530754f8286ea07eb6d339d72dae198c76","ssdeep":"3072:BF4UMvqBX6EG8q4H7GRxe8JTDUkan3busQd1yKlvRnTT/vD3Y46m+OEL4uFAQNgu:34UMCBX6tdDHV5kD3QPRuN","tlshash":"3d54fb0cf7fdf3b919ec389a364d0c3bd9a83a35d3b5625249d0f3ea9444cb4016a6a1","size":281586,"data":"","first_seen":"2026-05-13T18:10:45.999462Z","last_seen":"2026-06-27T02:52:27.35023Z","times_seen":4062,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9883-c825881b2c3b0fc9.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bcc8e6423662c12c5682af8dfa62a5a8","sha1":"b892e8086c047484a6e09910e1f5856e5f607bf2","sha256":"fae79308e4825e4d0f92e72cc85189405fb0c80569638bdc473eb7743bc4d4b3","sha512":"c48d27ef493b6d93cca9320dd5602a5de168d7deb5ea80dddde2daddf2b75293f15df2de435a834ad87802ad9497e8bd92c4763018a76ac0e6c897bd15689d90","ssdeep":"6144:TDWV4xt0J6T+WqV7OF8JpCXy/ABCf5iwEVQt3byQvUfV:Tr","tlshash":"6e94a829494416622b6323cd268bd80fd08af2658246c9b9f7964e7d21cfdc4e13bfdd","size":437773,"data":"","first_seen":"2026-04-13T13:34:34.692397Z","last_seen":"2026-06-27T02:52:27.340414Z","times_seen":4114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9796-477f833bec802edf.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3cd700563cd8e58c974d39b5117025a1","sha1":"8adb06045734081c226292a64b902365df367e22","sha256":"92c3493cdd4b2f4c088fc3c1aad125fee7a6efff6470de708bb5363e2c2b9e48","sha512":"89bd514505d7f05dc1d6d9124541bcc8aa98cb80bb21ecbf2ce07e05c4f9767ed6ff1f2ce6a99f5a994cdc9801fa416e5d37ef0bc5c046b18d4eb13df3a033db","ssdeep":"6144:cX68qDg+HzhjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcVQoDMEFilOHIUJW3bXlB/C1:VjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcJ","tlshash":"eb44101c8f7242edbb187c80ce4770698be586466fc784d8eafb5d244ba05ce5342f66","size":261678,"data":"","first_seen":"2026-04-13T13:34:34.615711Z","last_seen":"2026-06-27T02:52:27.347741Z","times_seen":4114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/1617-516db04f21137a6a.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"24fdfcfce61be021904770b2b372ca81","sha1":"bc6a8555479c61ba37ea932d435e967aa1b28420","sha256":"d95d061529e6b787411e9de741b9946e0daf5da613c585a1c9ce261c18aa12ce","sha512":"f60ec3821ceda20e18cabb5a1a2b0f1d1e1de6d97c049c912c6ef61cb827f169ae6dfb45bba561ec96a4f5ed9454d3ca07ac3c707aa0bac224f9736c56df84a7","ssdeep":"12288:yzq3gKoizq3gKo1mTkcAA92TkVAA12TkVAAD2TkVAAF2TkVAAM2TkVAAm2TkVAAp:+","tlshash":"7a55fd4c8b6602ecab986cc0ca0770558fd586177fcb89fcdebaad145bb16ce0311e56","size":1310318,"data":"","first_seen":"2026-04-13T13:34:34.702982Z","last_seen":"2026-06-27T02:52:27.36906Z","times_seen":4113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5709-ea7a4340808316a5.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"86062450ad0d41acfde933cd4f31953a","sha1":"98896280abf82e8d70f2741c3bf515ee52f3ed6f","sha256":"3cb93241a78f6343802542c1727fb0a279298acc8f51e60a02cb392edde1a38b","sha512":"0665d5a1dccbf6ba1d6228806d8d71fadfc66ce0eee617eb20d1849de6b54b0373632e91bc6f6479e2e81d881ef965b481ee712fe221a4e14ad2fabf935b079f","ssdeep":"6144:7nRjnRVLWQuV/er6qcEhJMQslkFN0bbLTYGifRh3Y:TuY3ZslkFN0vLTYGi56","tlshash":"b165278c67b5a3fcf505b3f8892b58747e6a38fabb51c438c3e98d14e1510ac89658d3","size":1454652,"data":"","first_seen":"2026-06-06T12:20:43.204834Z","last_seen":"2026-06-27T02:52:27.376056Z","times_seen":3981,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3275-bbdcc2e176783c7f.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"29fc6e35b3ecf993dba69228545f4d1e","sha1":"6d3d45d5d6e89c4c0c4be382359946c7f0c64529","sha256":"23fb767865b4ce96a897782c29d5a975a49d03eaf182146c61cf437eb690eb62","sha512":"17baad66b6b4cb23da59cdd3a0d01eccca6dcc23a46c7dfd990ebe03b91eda2b8749261247e731ec40440fe1380174321def6faff0fd888fa18663fff48e7a1d","ssdeep":"96:B6MlXsyMUxCCPs1VAbAvHbhPfjBItMbk6wd3E6l7b+5UYwhP7gb:/XDZ8CPuCsH9PFItQAU07wU7P7gb","tlshash":"ffd19961f091ebe4f8b708e8952fc40e726b2644d61948e1f5bbb8701b101f87b27f89","size":6161,"data":"","first_seen":"2026-04-13T13:34:34.666569Z","last_seen":"2026-06-27T02:52:27.351807Z","times_seen":4111,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4577-b61d38b6b034d783.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"41103c0b0ac58161ba21e497c169a924","sha1":"c88e93fcd1195642c4470d4016f019ccd079aa1d","sha256":"be4819967273ae5cd6b750269b38df275e7de51ed59c459e52be1a3215abcec2","sha512":"008a7a566b759f0ad50cb551e1456f93aac047c0ae8c195c29e7a590acc5cc5a447be5e6dc17109e5de66ac7dde5a1a6055e83f64fcfc296ee418150c4664491","ssdeep":"12288:GxIYTLljXNW4D93yq3F/1hWJ24cvYkwl/eH3q0kCwI3UxrfZfM6A333xJUgHAsA/:3/cpXlKxUvBIVV/7x6XomFnoMBnxBqyg","tlshash":"8355c42d8e6641fdaf186c81ce8770658fe2c6432fd785e9dabb6d204fa158f4301e61","size":1365559,"data":"","first_seen":"2026-04-13T13:34:34.693793Z","last_seen":"2026-06-27T02:52:27.369838Z","times_seen":4113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/1342-e39ae382517d6e27.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b0b6471e752a72a4a67baffa5e490d6","sha1":"b22ad340a0948c9fd128ad7703281b20d3a2f91c","sha256":"4234be7a3de7cd09bdecf233b7e03b08945e08acbfe8203227aaa856f378c39e","sha512":"77a017b0409437148709f41743bbcf186ac0f144c7b82d60f8aa9b5c383587a655f7ee6ff2e7d8d1253bda8d234f6add0b224c6dad08dde55a6b9a4a421f2f41","ssdeep":"3072:2XikgRVZiU7NiK6xkdF3GK0/NtT8aH7fwTqdypuWw+1sGKIzXBX8zY72ibkhfv06:2XNUpieiztQyz4zMV","tlshash":"7565cde8678526e5bd4cddca5940b4ac007980370dfbd1cceb2af4e740b87b746a9d26","size":1449011,"data":"","first_seen":"2026-04-13T13:34:34.691135Z","last_seen":"2026-06-27T02:52:27.372285Z","times_seen":4109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3121-84e2be85f77396fc.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b869f389beaf6b6ee305c2aba742110","sha1":"616f5957c5c11da916d8ffedf458597b7612b071","sha256":"ff0cef3d5e2eb5fd8fc70bd3af62141c28494e8218ca265cf9a5e5928df7818c","sha512":"9ddf70d0dd79a02c44d6a335d5170723a18ae5b4981c674756d69075f92eec44f398da73f2145878630de71aafa77e6da60cdb26bd138667b448dee4d3b1582f","ssdeep":"6144:A+AiF7KKW6WUSoMtIn9Ghv37xQnp87m0Sw/KKSUSOYYMCI:lY9C","tlshash":"eb242b497290b2e817e762a9547b282ef22f7d3cd222691477d4c87c3349dc8913af9d","size":224282,"data":"","first_seen":"2026-05-16T23:25:48.532058Z","last_seen":"2026-06-27T02:52:27.330383Z","times_seen":4055,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/6544-b0711005848a5ae1.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"39a5893ca0e9dde921d815faef0cca25","sha1":"bf860904497bd9c873fbc6c44eff66b61d990a44","sha256":"69a245030c2015ad280eedf3d0e5c896f8672d6803277ee2b15aa20e24595450","sha512":"439a73175b07db2985b9bc16ca9a6b5a029a041d3285e4c6c6e74e3749a85c41cd2db6a0999dd0aad865f389558e77a38bd1e42f36a27d3ee02a6731b9cbfc8b","ssdeep":"3072:LxF1G4zn2Qbx7Lg5H+vCWpduOhWr8BqUH9d8YFdNWRmfewJTLiAezha1h5L2iQfS:hO459yOCd8/qGwUM3qMz74SIxTrt","tlshash":"3a15321cc778b7b12fed398936490c3fd66db570d7a202566994b3fb1088ce0506abda","size":932011,"data":"","first_seen":"2026-04-13T13:34:34.701686Z","last_seen":"2026-06-27T02:52:27.356566Z","times_seen":4113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7580-1e05813e2213c2fa.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e95d3438a4d191ec149a209f2321321c","sha1":"ad5631919f911a7b20854095d4cf3b10658d364a","sha256":"764376cf71ad9d64078ab383b8c383387c50daaebed8409ce6573c4674206551","sha512":"3a4b0fdea4b4cb0a24f7005fd2f41a3473e46b7e5206716718550f868b2249856ca610de63b4c2a8a6e6113480cff06728878f0aef293c7c300276c174579336","ssdeep":"24576:K/cpQlKxQvBIVV/7x6XomFnoMBnxBqyk5QqBQqn:K/eGGqo6YmW","tlshash":"f96539298a6502fdbf596c80ca43345a8fe296137fd789fccaba6e1447b46df0301e51","size":1451511,"data":"","first_seen":"2026-04-13T13:34:34.697666Z","last_seen":"2026-06-27T02:52:27.37464Z","times_seen":4112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4310-53eb2d994601d39d.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1cf0afc09bb69320084b8de536c82c15","sha1":"b366ac3a2df29aa97110376475fc08e2b310e168","sha256":"5f6628bec7be06e9879a734589c7ccc242657acecd391f739a86d88f2597b1ee","sha512":"cb32c35ceec0ed7c3b0cbb53eef1a7754053eb228fbc9c1aff2abc56eff7aeccbac081b3fa583f2ebf3ba836f3ea808e269b380636f9fb04b3c887f425900bc3","ssdeep":"3072:PSHoE3ssKaFRWxTDF0+uoWTr/9CPxZi2rbG/r0mJo46W6E9bVWqnEbvY:wb","tlshash":"b734370cd7bdf3f51eec389e36490c3bd5a9763093a5426688d0b7eb5485cf400aa79a","size":241643,"data":"","first_seen":"2026-04-13T13:34:34.704197Z","last_seen":"2026-06-27T02:52:27.339918Z","times_seen":4114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9564-0cf3b4f099c86954.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f1133f31f38a7764ffc9bd1b3df097e8","sha1":"d5d2b6cf4dec8e50720d6754d015bc4736f6c72e","sha256":"5aec2933ae085f9a1203fac9a6a05a2dbbb5a4e92ceb66b1124084dae588afbc","sha512":"abfc85e1473134449c3ebe247ad09931b39c01a2b43e65ed5f863b30b2d791ee25b24d9335cb778771683c3ba87d996ddbabd6668d089e932c3e8d57d92cac20","ssdeep":"1536:sAvhk/n1ED3wnpzktrXFlnEA8aqLE4++E/NL7:sAv6/n1cIzk9FlnBCLE4++E/N3","tlshash":"9d531c8cf3d4f2a927e670ba283f1c3bd12e7a34971990645794e6b42549c885233bf9","size":61557,"data":"","first_seen":"2026-04-25T11:58:25.658808Z","last_seen":"2026-06-27T02:52:27.351295Z","times_seen":4101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7185-909ee90aaf995ae0.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f872fce468fe11bc2d553d3a1cb1728d","sha1":"64f7d375570dfb04f81e3aa3e290b4e9db422055","sha256":"ba29effdc23ab00f7e5b7ee690b711c4e750ab4bd60e6892ac7b2654c7dc089c","sha512":"2ec2637d1dde4852781820a9174ab4ce112fc7cd9a84cd893520aee7d8d485e9e465ae3b1a7856959d8954c60d09d88f75d513f842af5017f62df6ffd14169ef","ssdeep":"6144:QM59C1szfrCWDw32B9SKUVG1DmeSafWTnp2iYEGeuD+ji8ktmHUVYL83uS2a46G0:mO7w3qEKUVG1DmtafWTp2iPxKvN","tlshash":"e7e45d1d72c072ac17c363659a2b581ef36e596de125a804e3dac93c325ddccf13aba4","size":714479,"data":"","first_seen":"2026-06-24T12:15:04.841116Z","last_seen":"2026-06-24T12:20:30.390965Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/19-5bece4aba82fb776.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"499ae782218e46ba0165104a99a4ba64","sha1":"dd6335c8003db8dc40f3b6e5fd9ec389bd5679a4","sha256":"7930fcc2462bd18b8f3559392d9d610cb2a4cf2aad270fc533012c2fa8560ab7","sha512":"71885acc13827a064e0430afe760dadfaf8afacce9f7dabc324d265d126140a62d9baac56cb09e1725cfedc955eba79c0828bd9891ee524aa7d19448c1557aee","ssdeep":"12288:EW2sqZNSN87vIomx0wgH+vVWQo7AN3zoMaaql++gWuWUC4Qj8zINa8DPeo7B53zW:9NgvIh/VSUVPyzLW3fxz","tlshash":"02159459ca6602fd7f586c81ca4770698ed282136fd78afcdaba7e1447b0adf0301e51","size":936675,"data":"","first_seen":"2026-04-13T13:34:34.636004Z","last_seen":"2026-06-27T02:52:27.362394Z","times_seen":4114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3083-d0071871f85c1c39.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e8736497d50701fd7e98b6af046968f","sha1":"dbfea11666fbb04bc71187a259b4318e935577c3","sha256":"f2bf0ce31e01e02feea9a6dba28d4318ce7e060806dc0c8e3a312b86a47bf163","sha512":"27ca329911a680c2a0654f53c3acb9846e41afbe86166bc73ee90c4f71aaea53c07bd3c3fe30a058e58154e9ab721f0238fcb7d087b6cae9a0313a6cabcd3aba","ssdeep":"1536:9wnbMGYAkPeRRJ0u4fU5g1+GoDJy+N0jPkV/KtXcUN3tadBZx4fH+dMxteMSVgvM:9wnbvvg1+lhN0wBDMxOig","tlshash":"84d3961600c827b52b677b25265acc0eb61bf23dc7429924b694c43b168edd461bffec","size":140858,"data":"","first_seen":"2026-04-13T13:34:34.639501Z","last_seen":"2026-06-27T02:52:27.331558Z","times_seen":4113,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3715-1862ad9008505962.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2927eacb55a6224ec8cd6caca3db99c2","sha1":"a2bad0fd2d18b815ca48407464d6402918345813","sha256":"08f764ea42a0be91df8df5d26c417926f70a6721d2ec38264a3a28f13a98f974","sha512":"a5763ae91e2fbd84c6843f454a37179ae3083d4288200cd9570e88eaf655d5e1dfacbfaa5feecc671ab867d991612ca4464fcbea23a406e706e19799d9245a69","ssdeep":"1536:G8iMZeCMcsspNYlpAsz1jzsRr3KTArL7ml1C+Rmsqq99WsA:JiQensTQmYBLe","tlshash":"6683c764f1e0f6d4e1575399c92f460df12f2eacea25782cb3f5d818b7044d8622eba4","size":81522,"data":"","first_seen":"2026-05-16T23:25:48.524516Z","last_seen":"2026-06-27T02:52:27.35726Z","times_seen":4054,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/2643-f0046750557ecfce.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"22e80ddc9f6a618a74ae2024b1368d41","sha1":"92a5cb5a65b6db5e9fe377f30c867d91395fe65f","sha256":"cebfb1f5431b46b051bea9d7bb688099a15ae2d0bc9d906fad0678294dce11eb","sha512":"96d815f6d514ef47fafeed39af74b87f862781c464d29d2983b0b580da47867a08fe38b8f4cec9a32f181dc4174b981ade00e3b797cc8cdbcb48a0e7446a071f","ssdeep":"3072:lhsm2vphspSZ5qYHGKTG2Ucav/sLJ7T8Z2KxTofh5p0yEdQ8IeCp5+V0z0DLdD3K:Q3koZ5XG5sdSqfhwyEGASNBpH/","tlshash":"83440c2769c4127c2bc362569d675e4ef35ca918e215b419f3d7ca3d338c8c4b13aba8","size":276387,"data":"","first_seen":"2026-04-13T13:34:34.673947Z","last_seen":"2026-06-27T02:52:27.335777Z","times_seen":4115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4f58df8ef556437633bb90cc31469c4","sha1":"c1c713bb5046a54cb79a8e7537b6d7fca624fd45","sha256":"2dcb2e50c883929aebb7a64a7a22cfe2260d856a3c36a6926c082da19c552b7b","sha512":"54c8a79f5897cd198db689700c24f950ad7fe19eed815f8bfa0e47428701d8c84a1fd8f677a6f1b2a4f1443f35f2dbd19e6f456ceeebfb1c59275bb356e1a5e9","ssdeep":"","tlshash":"bfc02b041427c47b421c6f4dc02243d4e4b020bcdc492480801d181800d0c313b40cd6","size":130,"data":"","first_seen":"2025-03-25T18:26:20.414558Z","last_seen":"2026-06-27T02:36:05.926333Z","times_seen":48160,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/direct-router.bundle.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f589e6e05857a1cf881cfc2a05ef7e9a","sha1":"8d8a58344a1e44416eea1555fcd2f024cd664087","sha256":"6c15c81fe6c86f71b4504b7437ba52be08619e4d694cd27c7e9b601344ef109d","sha512":"7c02b9b887c6c34948f9da8aba844a3001090f0fd2b4bcc3bf0c09ca47d585c36badeb264a193e9ed021f11ffbcc016977e11ff772841433e714f643523f2d1a","ssdeep":"3072:vqSp7BygEFCXqLkT5vd5XnTWhNIhdmkIxWjlP3/1JqobepmMGWR042:vqSp7BZaiv/ukIxWjlP3/AmMGw6","tlshash":"6b241aa93a95f1226ab3027310df5803733d352b280d4d61a511ede9b4b845eb17bfaf","size":220065,"data":"","first_seen":"2026-06-24T12:06:23.502088Z","last_seen":"2026-06-24T20:46:08.213669Z","times_seen":318,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5917-79f62dfd025e2ed8.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb80b5a8ada3602b57a3c17a8572408f","sha1":"f7f9937e1e9217a70423a3f93fad1797e7f788c5","sha256":"e81e7a5ea2d402edd781988e9aa30e89bce287f5d2093be45b2d280a1cdd5468","sha512":"a6d5638678a681b91f3ce72a06d0ca44ac5e8274d1615b353455a334b9033d0a508a42a19bb914e39a71aa1cfa70809baa8f0d0cc195cd3a8a72a7dd3427af59","ssdeep":"12288:m9kU1wEKxHLIPrsjbDcvnTJmP0I8y/PEg3Ahkz1epv3BoKuW+xMQT1y5EVNy5EVJ:mrwEQ9OfeH","tlshash":"4835bb4887aa42ec6f9d6d80c607744a8fd69513aed789eccbf9be141370ade1311f42","size":1153840,"data":"","first_seen":"2026-06-24T12:15:04.90529Z","last_seen":"2026-06-24T12:20:30.462373Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4212-38fe49b6236c7c6b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1ee028598eb24e7427f83baa42198b2","sha1":"29ecf0ab8deb78392a4121a31e2fb63c764ce99e","sha256":"108693690d6f21f1942f276dc1e12eef8524ccb9678e1faeda902063ab3b2f0b","sha512":"71bd29cc66d0adb5ad11cba3d95baa883771712afef080e8b1f7a9c107dd9beb2404a2c43dd616aaf717ba69cfd4786e0c801ff3d88b6d201b8156124535fbd3","ssdeep":"3072:IxvuXFqhT8pi01EOUIMdda2zZ9GFOTASOeBTny//G:qvmFqh7MEOUVL1TASOeBT8e","tlshash":"ccb33b9972d0fd9d3bf3946a8c1fa40ee2795c2ed42d710462d9c83c72599c8e136bb4","size":114414,"data":"","first_seen":"2026-04-13T13:34:34.631899Z","last_seen":"2026-06-27T02:52:27.363012Z","times_seen":4114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5669-ed334c2dbb466446.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6438c3dec7c2f8d1a4393aac0a9f590","sha1":"931f6f0648b68a394c0558fbb95934a059b7756e","sha256":"435b360ed59df86f97765d5fb68e6fa87486367009d059ebb558ef68a88bea43","sha512":"d78d1e4cb985aa6e6402fc821f4abd3f7d4db574d6d5e328c6eedccd61816ae5138844a368dfd471fcd1ee62877d851efebdbc1c9c93d3dc664bdc7d90de3258","ssdeep":"12288:+3PyxSJSN87vIomx0wgH+vVUqmAStvp1H/llr9dhLR5EdNbE3aYAiLQDEmAx//pd:jNgvIh/VKdVPyzLW3fxp","tlshash":"2455521ccf9201bdae58adc1ca4770254fe286531fd789ed96bb7e204bb1a9f4301e61","size":1370944,"data":"","first_seen":"2026-04-13T13:34:34.695086Z","last_seen":"2026-06-27T02:52:27.370686Z","times_seen":4111,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9338-742398fd846a71c9.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"35949001400b87164feee5e87bb4d21b","sha1":"5fca2da66ae0589889299bbfa3d213e5e04c9709","sha256":"16ed0b2c2e53f93201db0a8b5787453855e66151890115a58c93605771ee912d","sha512":"b7873b0ad7fc8671962347515c0f6555a6cf4b524b3da006d4dfd697db93634a65337b5d24c1802baf802dde2fe3e8bdb81254baf08f4f7f44f3c5355e62bd4f","ssdeep":"12288:ypzOZxRLLD3iWRSM9LAlsr1TxmBY3gM1+7Yj+fjxl:ypSZxRPFgl","tlshash":"fc35a35a408827922bb37695269bdc0fa01ef52cc743c464b791c57e26cd9c8a27bfdc","size":1139216,"data":"","first_seen":"2026-04-13T13:34:34.708599Z","last_seen":"2026-06-27T02:52:27.375322Z","times_seen":4110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5358-6b6066a7c5be067e.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9156598b1de03a5170a70624dfc8177b","sha1":"b3492044b8717c0f42193be8f4e8f28a82e1350a","sha256":"a766f5b00eece4fff39e14883d3fd3b1d296272714633a36d9fceb8216d72c68","sha512":"766eb2ab0245999d24dcaa587fafe34ee2312c4d10e89f6f13f8cc4269bd1af69ad6e7332d59a1b2c509a2646875092e7403a98036288c030cbcd41ec7290a61","ssdeep":"12288:xHJlmOl48cdPyBOpIwGAWA7k3ghrhanjqv:JmOl480yBOpJBhrhan2v","tlshash":"7225190ea7d473b41bda3149364e4d3fe25cb638c352d016a5d6ea7d228cce4613bb98","size":962608,"data":"","first_seen":"2026-06-19T17:10:47.222323Z","last_seen":"2026-06-27T02:52:27.359353Z","times_seen":2633,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/8648-b9a24ba9b5bc0c95.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c518a3c90735027f7cf5e9ef51ba7e98","sha1":"243286f759a81ab0181dfa9e0f59e921228fe251","sha256":"17d24cd943de714ccbe4843a893186f4f9d7aa59277390480544a6008f41de2a","sha512":"611e7cddd315b0bf165c9a47866cecbcb4b7392c5ca210d60061a5bffb50af442e8648cb418bfc517e37b76c4a3f0756103a932fea6e289fcb6229a2b97f750f","ssdeep":"1536:Trle2nu/m82CFnMxwZCLVfvDzQjFY69xAq3CDQJUO9fEVJoZ1NbpGGVitgmdAYb6:TYUH821Nu95SQJxfwURk5bseKbsK","tlshash":"01e3e889f191f2fca6a224a9412f444ef22e3f4ce5255410e6f8dc083a586d9bb37fd5","size":144939,"data":"","first_seen":"2026-06-06T21:26:14.912411Z","last_seen":"2026-06-24T12:20:30.389699Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9689-39df663debcc7932.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"95575815245fac0dd0f1a088b5673378","sha1":"b5fc9a98ebaac4eac518520eb74304a19af4c4b4","sha256":"2b609ad50f89d9da15d3da8423cab5a459bb395d18125b50ac3646d7a4a7bb24","sha512":"cce3d8d652ccceb67e5c4091294a2c837b597c36be10c62be39c860fd5418c6da27b20da4e2067ec964c7a0bb667cf3a577a7b3bdfbf5e4c013be7f66a24ee7f","ssdeep":"24576:7tPaAKapUMi69Q86f4lJay+AdFYR/QNnBKM7x5AKGE5X4iOJ:u7KwNhQx6IIiOJ","tlshash":"b665e039b224247946944086c05f290aaf72541f29c5c4ecb678fcdb5ebdece237ab74","size":1462413,"data":"","first_seen":"2026-04-13T13:34:34.700386Z","last_seen":"2026-06-27T02:52:27.373154Z","times_seen":4107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/2366-925fc85d237b17af.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7911660cff2a47fdbc9415ace2e3188","sha1":"3ab908a0337f5ba043a079b563d3c584521ece41","sha256":"4a2741bde36436647e2ae672eb2ef1262c83541e3d13784b48cb37b165bddd8d","sha512":"e21a40e23085dd405ca6c8473453fabc4c7df8999a472fad7a94a4f26856b2d5ebbfcae375412db956a96f92cf7f630b5804e5090ac19f22eb4b7a1022c96b3b","ssdeep":"","tlshash":"54f09e9920057c387abb4c02096e8c2a287c3572be091581e707c5a0009faf85170e9a","size":467,"data":"","first_seen":"2026-04-13T13:34:34.684954Z","last_seen":"2026-06-27T02:52:27.347238Z","times_seen":4115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3585-1a2341a418cc0f3b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d66e895831146a3fcda6c0de48e66fbb","sha1":"ed6c9b6bc6805e7a74c90c2f70040a22a7c0f9e3","sha256":"ea60fb56fced9d92b0247021093d020a5438a67c1084d715a587c598278a804a","sha512":"6204b75617d69a9c649c089283b8fff6285c43d78b07045799a230225ffec878299a45b73c0b05a85a83ca19874e7de30333065e46c981d3720790649ce965c2","ssdeep":"6144:f9gGcm/FTmn65dg2/s70cs6eWBsY6EHNfm5Dlf3+FFS:XhWwKNI","tlshash":"3b845b98725060e8a28762b9552f154db33f2578e02ccd14e39ac87c7295ccce63bfda","size":376596,"data":"","first_seen":"2026-05-16T23:25:48.549118Z","last_seen":"2026-06-27T02:52:27.358736Z","times_seen":4055,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7262-260eb856ec86ab3e.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc5c946ea01e852079c01158915eb9ea","sha1":"5133bd0de532b10449bb08521a92ca6a1887b7eb","sha256":"4a07fe3714db1466ba3968c1de34671f62ca3d5a3e9a01c12fecbdf73f2361d7","sha512":"18a65b639abe772a19c8332cf3709c4e0213353430e032b2cd550e739db2467dfd24ad1fcb4a4ea3675c81f34215a5ffc0ffb658dbf80ff70c2382171199b96a","ssdeep":"1536:nopcljgCIsBEzrJ8i7e85k7yRck5L8Nwxg98:nWuUCIsizui7e5mckJuwxu8","tlshash":"d3730a953180f5ed17e381aac42f644ee32f5c2ce51a766463e4c9ac725d8c8e137bac","size":77603,"data":"","first_seen":"2026-04-13T13:34:34.62862Z","last_seen":"2026-06-27T02:52:27.344531Z","times_seen":4114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/8824-ddffb509a90576a1.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88138b1397ee14b04ead267aa44c4196","sha1":"760b927bacdf81d73a0f2084bfb3ce7a76478e63","sha256":"a2d07d31470b51490786beb8167c7fafeae5a0236cb44537c4dc8857b3c448ce","sha512":"9841fadaed80aabc013a0fdccff0b1356d14a06a2952bfc883dabd299aa5fd9a4369b504e8ac7d28f47c27573be3bb4b94b08d389d3836697c2334185931304e","ssdeep":"12288:3fB+XoxJuhu/v7uV3rIPE8zGglvb9hsm8sMQMNIYsUKwJAsTF4Xylyz+hYsUUIJM:vGgthhsnR0yF4XylryF4Xyl+","tlshash":"94a4be69da7112fdef516ac0ca177015dfe6a6936fc789e8caf6ac040bb05ce4301e91","size":492118,"data":"","first_seen":"2026-04-13T13:34:34.606306Z","last_seen":"2026-06-27T02:52:27.335254Z","times_seen":4115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3980-010af18f0f321f6b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ebe2885d4d5b7870215ed1d746ae08f","sha1":"ececc6607c16410aa62783cea6de95557893c3ca","sha256":"68eea241c058d3a7c5cd5eb609397e4d833059221ade7f5154e9f68da97ef40f","sha512":"a14e01fe32f03659c957c6d5c9d01cc20c71308424cf842a7d178aa207358e270a9f531acc7d37e285a34fabd655ad88256cd82143dc1828eda771bc46bdbc91","ssdeep":"12288:9Fw3/38CUqBZw5AcYk0G2KVLCfEQ4HAIrBM6k18xyBByFt:uB7KFrR2BBU","tlshash":"3cb4c60ff3e4bbad26b57666be0f537ab31c2cb9d714e81496a9f0152344ca86135bc0","size":514070,"data":"","first_seen":"2026-04-13T13:34:34.626821Z","last_seen":"2026-06-27T02:52:27.33371Z","times_seen":4115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3047-780ecd63e8341fd0.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a45ff6317fa4327137123bb7bfa8d4b","sha1":"bc1ead1c1e57bc9d70d9ce61b6580fcff62dde6b","sha256":"52347ddc20c0cf9d1a0b8d9b4f7324defd9706465148f58c081f4c07848b1d65","sha512":"714d24afd1fc0a2eda39f7f9793701b61d9b29be01f251c4cbac43a76732bd29c0352d99eb68cb43e69e5670f847ea3e8b4ee9593188b64937437621993ec32b","ssdeep":"6144:fT+0+Qhv42Fh0idHSlq9p0jy79DMHyPCij6MIVs/e5rKYfxGAaXaifqUMjuTH8NT:rrfOR1","tlshash":"d3644ac871c1f4a8929361a6803f050bf23d2e2de45d9454e2a9c8d87979dcde237fb9","size":316805,"data":"","first_seen":"2026-05-13T18:10:45.788088Z","last_seen":"2026-06-27T02:52:27.338933Z","times_seen":4062,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9883-c825881b2c3b0fc9.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.843Z","timestamp":1782303406843,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9883-c825881b2c3b0fc9.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lk%2BpEQ4QITRy9fAtrp3cOLIzwNAYsOv58JZsYZkH8zlLXzf%2FIBtHAYDsKj5FRdOCkZaxbiQWpyDmOdJaiRng8NTWrQWyfo6kRSC2134QyUSJZt7ecMzTUprUmjB%2BacmDKg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 102581\r\ncf-ray: a10baa64cc6a5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":437773,"size_decoded":103344,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65172), with no line terminators","md5":"bcc8e6423662c12c5682af8dfa62a5a8","sha1":"b892e8086c047484a6e09910e1f5856e5f607bf2","sha256":"fae79308e4825e4d0f92e72cc85189405fb0c80569638bdc473eb7743bc4d4b3","sha512":"c48d27ef493b6d93cca9320dd5602a5de168d7deb5ea80dddde2daddf2b75293f15df2de435a834ad87802ad9497e8bd92c4763018a76ac0e6c897bd15689d90","ssdeep":"6144:TDWV4xt0J6T+WqV7OF8JpCXy/ABCf5iwEVQt3byQvUfV:Tr","tlshash":"6e94a829494416622b6323cd268bd80fd08af2658246c9b9f7964e7d21cfdc4e13bfdd","first_seen":"2026-04-13T13:34:34.692397Z","last_seen":"2026-06-27T02:52:27.340414Z","times_seen":4114,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/free_reward.webp","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.830Z","timestamp":1782303407830,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/free_reward.webp HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/d599adfe9f648657.css\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8wfgwuqoGCdf96rOca0ntKpb8ET0SU0LH4nKFCgEyLTdAFfHuH9vrXhChSuAOax2V7W%2FMxFnGoiamQLKojnNliE1Atn%2FBe0rG6YN6nBle3%2FnTQA2ogdd7ToyGPNtEoVh%2Bw%3D%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 9606\r\ncf-ray: a10baa6afce25fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9602,"size_decoded":10346,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 390x108, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9ff1da902b946265f24272fc301815b3","sha1":"395daddb9c99b6f15b2651985a115e6395128db6","sha256":"67f87d0d17d6c7549cb8dfca755651258f123d24bd28e67bf90a6d1777831edc","sha512":"3e60ab0677a151c7eee4111c0269503dad38b9e36e9a7d52e540968d642612aeecaab21091a3c3795943bfcd701b51efc87ffd283a8273a4159484de4a362e29","ssdeep":"192:AXpAE6uvkjO9qzNScQt9EXi9N6y7D+AKbr2i5+q1Hj70rl7zkmt:AXX6s/9qzNIjr7cbiIRjorhJ","tlshash":"35129e54b67eeac19fa7c5ef26f093931236a77d11b1e8c3087d1ca64464930f384a1e","first_seen":"2025-09-28T21:41:24.335314Z","last_seen":"2026-06-27T02:44:44.820863Z","times_seen":8179,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/fbq.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.697Z","timestamp":1782303406697,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/fbq.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cM%2FX0zkMzra8OpVbVc3T5bsQugx13%2BWUpJ6ev7MtWNk%2FMTgWzaOIO0gcxTsoUqVepV%2B3Nz1B7%2FOkHe6LAj23v123XoWcAkPdNRwP92LU9W2O3LaiDWo1mx0I83c3mOA1%2BA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 163\r\npriority: u=1,i=?0\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10baa63ec405fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":408,"size_decoded":997,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text","md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-06-27T02:39:02.808509Z","times_seen":23835,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4310-53eb2d994601d39d.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.840Z","timestamp":1782303406840,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/4310-53eb2d994601d39d.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kk5%2BEh833iwvT3vcN2N0yXnTI%2FqL5IPf79g636Y4BwADmU6UyRcjz4sD5LM%2FqnGQsj%2Fz4JKVB%2BIfgeUnRxdfIAx5TGVmcu%2FduBq2IY1%2BqGFtl9xTgolbg68NslP5xezMBA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 46835\r\ncf-ray: a10baa64cc675fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":241653,"size_decoded":47605,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (39028), with no line terminators","md5":"1cf0afc09bb69320084b8de536c82c15","sha1":"b366ac3a2df29aa97110376475fc08e2b310e168","sha256":"5f6628bec7be06e9879a734589c7ccc242657acecd391f739a86d88f2597b1ee","sha512":"cb32c35ceec0ed7c3b0cbb53eef1a7754053eb228fbc9c1aff2abc56eff7aeccbac081b3fa583f2ebf3ba836f3ea808e269b380636f9fb04b3c887f425900bc3","ssdeep":"3072:PSHoE3ssKaFRWxTDF0+uoWTr/9CPxZi2rbG/r0mJo46W6E9bVWqnEbvY:wb","tlshash":"b734370cd7bdf3f51eec389e36490c3bd5a9763093a5426688d0b7eb5485cf400aa79a","first_seen":"2026-04-13T13:34:34.704197Z","last_seen":"2026-06-27T02:52:27.339918Z","times_seen":4114,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3715-1862ad9008505962.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.845Z","timestamp":1782303406845,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3715-1862ad9008505962.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I9JK%2BZVZA5u0b6J5rWxHDqO%2FUwdqkTJgCveamaLU2DLq9kDIhVZ2ghzvXFbXW3LIjH9zMb%2FS2xNMhpS2rjdnTmnZv8c7ApB8NtcBIPH8skHJcfVDxpcxYbsgjyATRG7IJw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 21211\r\ncf-ray: a10baa64cc6b5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81522,"size_decoded":21973,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65480), with no line terminators","md5":"2927eacb55a6224ec8cd6caca3db99c2","sha1":"a2bad0fd2d18b815ca48407464d6402918345813","sha256":"08f764ea42a0be91df8df5d26c417926f70a6721d2ec38264a3a28f13a98f974","sha512":"a5763ae91e2fbd84c6843f454a37179ae3083d4288200cd9570e88eaf655d5e1dfacbfaa5feecc671ab867d991612ca4464fcbea23a406e706e19799d9245a69","ssdeep":"1536:G8iMZeCMcsspNYlpAsz1jzsRr3KTArL7ml1C+Rmsqq99WsA:JiQensTQmYBLe","tlshash":"6683c764f1e0f6d4e1575399c92f460df12f2eacea25782cb3f5d818b7044d8622eba4","first_seen":"2026-05-16T23:25:48.524516Z","last_seen":"2026-06-27T02:52:27.35726Z","times_seen":4054,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4212-38fe49b6236c7c6b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.854Z","timestamp":1782303406854,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/4212-38fe49b6236c7c6b.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dmoI9kS2JkS%2BzF3vGrEFbPVYkKySaCKkEgXhgERg1qsi%2F4wyZA2z1pfLUJugUzTiwEVAdCBGDUWonmqiz8MX9zyLBUnK2DECSeSVIuUBE00FP8SUS2NR9%2Bj7KPqBxquF6A%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 29928\r\ncf-ray: a10baa64dc775fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114414,"size_decoded":30690,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65440), with no line terminators","md5":"e1ee028598eb24e7427f83baa42198b2","sha1":"29ecf0ab8deb78392a4121a31e2fb63c764ce99e","sha256":"108693690d6f21f1942f276dc1e12eef8524ccb9678e1faeda902063ab3b2f0b","sha512":"71bd29cc66d0adb5ad11cba3d95baa883771712afef080e8b1f7a9c107dd9beb2404a2c43dd616aaf717ba69cfd4786e0c801ff3d88b6d201b8156124535fbd3","ssdeep":"3072:IxvuXFqhT8pi01EOUIMdda2zZ9GFOTASOeBTny//G:qvmFqh7MEOUVL1TASOeBT8e","tlshash":"ccb33b9972d0fd9d3bf3946a8c1fa40ee2795c2ed42d710462d9c83c72599c8e136bb4","first_seen":"2026-04-13T13:34:34.631899Z","last_seen":"2026-06-27T02:52:27.363012Z","times_seen":4114,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3275-bbdcc2e176783c7f.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.857Z","timestamp":1782303406857,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3275-bbdcc2e176783c7f.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2CdcJfAwEFw4Z7srFY%2BdrCFANI4WK0lwXNT3le32TTxUhox1cmaekcXRxv8NGvzyI2o0d2PTvamnRf201CfeAUaqgwqSI%2BMinmG5jM9hZotNd%2FTRyHxR0pcwdXowq%2BQmkQ%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 2070\r\ncf-ray: a10baa64ec795fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6161,"size_decoded":2833,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6161), with no line terminators","md5":"29fc6e35b3ecf993dba69228545f4d1e","sha1":"6d3d45d5d6e89c4c0c4be382359946c7f0c64529","sha256":"23fb767865b4ce96a897782c29d5a975a49d03eaf182146c61cf437eb690eb62","sha512":"17baad66b6b4cb23da59cdd3a0d01eccca6dcc23a46c7dfd990ebe03b91eda2b8749261247e731ec40440fe1380174321def6faff0fd888fa18663fff48e7a1d","ssdeep":"96:B6MlXsyMUxCCPs1VAbAvHbhPfjBItMbk6wd3E6l7b+5UYwhP7gb:/XDZ8CPuCsH9PFItQAU07wU7P7gb","tlshash":"ffd19961f091ebe4f8b708e8952fc40e726b2644d61948e1f5bbb8701b101f87b27f89","first_seen":"2026-04-13T13:34:34.666569Z","last_seen":"2026-06-27T02:52:27.351807Z","times_seen":4111,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/holiday/top.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.718Z","timestamp":1782303407718,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/holiday/top.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H8ZWVE%2BDdGU1XF259cCMtStETJYdDucMoE%2FsUdw%2BxePXyyClHIfF9236sMDGh%2BGaXkAFXwydMzr54cx%2BXD8dZk6UhQFETaid3DxJE1%2BH9cgFQIIOvW8eKqP%2B4dNQEZdOOw%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 48097\r\ncf-ray: a10baa6a4ccc5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109971,"size_decoded":48847,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"765e4b902462e81209a68203122c5462","sha1":"c8a22e10bde49777ae443e9f3a3b6bf474659b68","sha256":"0d81c69880f645eaa8ad5bc7f874fe5c302d163c6ddf8e2b2e5633c222949f88","sha512":"d34eb7f720beacdf9d545cc1219a56e2a26b05477d98d9ed188c116bc9319de2f49db046893a0ad1680ae6a9c81bf69190f5de47bc94fef0b5f99049f36a65df","ssdeep":"1536:TVcmxdYMDacj729Kbg1AsjwaT2ROc8n6GheoROmsrLc8h7CJaEukrWE/A:x/FDa42Kg17nZtgER+","tlshash":"47b3f9fd6b6185e0eecf8af1dd3649907f1b34fe2b52525482a4ee607833e58894cd90","first_seen":"2025-12-07T15:18:05.795582Z","last_seen":"2026-06-27T02:44:44.80654Z","times_seen":9770,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/stat1.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.833Z","timestamp":1782303407833,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat1.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dVR6vuzXs7CwdyABUVn49nxRnh5Ebi%2BB5uZSvSot5sK7W5loBPBHkWmUfAqtJF9DxkAxFgmtLgJcWZtGA1lGV1BxkiSp8zjIxJ%2FkxBxkAkfAJ33QLve2L%2Fib8C8QT1dZjA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 1822\r\ncf-ray: a10baa6afce45fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3636,"size_decoded":2563,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a62014bb87def86bc408bac073b0cece","sha1":"24ce6cf0ee0ebe7956bc76e9bd16151ec3da5244","sha256":"69a3b7fd361a9307dd99ab7a8c12c3178f4ee11e5573a2c0f78fd014e04f4b64","sha512":"ee7ff1a7a9cf304d61ac90e25998182241854e3de44df25fd9541b3caddb222d206a4d3fa250e4d4d64ab42d595f79a0e24fc21ec4fb753f0b7ca2d64eb73282","ssdeep":"","tlshash":"d771e6cd2be812f0ec85b7f6df06642cb80e14b2598848b8f21d1f557b04ce98a4ac92","first_seen":"2025-09-28T21:41:24.045294Z","last_seen":"2026-06-27T02:44:44.799158Z","times_seen":9431,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7580-1e05813e2213c2fa.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.823Z","timestamp":1782303406823,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/7580-1e05813e2213c2fa.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Pl2gKxfIjZPaXyDIKTS8%2F3arg%2FwZmILKqCuuv%2FZU%2BRquqcdT9cyJGzWr9ONlsnfIEV1uSRXpeUDvKkjy3RoelRtjoJZy64zA3TmQrDkTH%2FvP2R%2BekIItBUWPUDdWggqmw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 714375\r\ncf-ray: a10baa64ac5b5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1451511,"size_decoded":715144,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65485), with no line terminators","md5":"98c08cdf440cab4defd3a6756db58173","sha1":"cb0468f2d2d3816651663fa0bc74664e8f52d407","sha256":"717efa16b30d921eb2daba2cc677ba5fbb7fae501448c81e214bac6760160ef4","sha512":"a124530866a44814fac196a6b626cacb017d2bc4dd8615f0aaf634db229322b4e40d9e6a8b360b6632e76f7679435ec94dfc5feadacfcf0c5e3a65fb89ef1eaf","ssdeep":"12288:EJe2e02xEzaIGTBrfzLd91WJ24cvYkjZli4CnLPwGDkiqCCE+WTjjXHPxy0D8eUX:K/cpQlKxQvBIVV/7x6XomFnoF","tlshash":"e925f7198a6502fdbf596c80ca43345a8fe295137fdb89fccaba6e1447b4adf0301e51","first_seen":"2026-04-13T13:34:34.686233Z","last_seen":"2026-06-27T02:52:27.354764Z","times_seen":4108,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5669-ed334c2dbb466446.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.829Z","timestamp":1782303406829,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/5669-ed334c2dbb466446.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kHc73XzUk49L3mdJo4J79f9AHZf9Xe%2BfeG97sORL%2Bcm4UqWHpOR28GbZkQLEW%2FZkL4SdCac0bC7ZbMhJyc4TDefW%2FriKxZzr%2FuLZWiFqGpTykRNelcAPU5lmEi59iaimdA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 350609\r\ncf-ray: a10baa64bc615fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1370944,"size_decoded":351376,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"edcd02e15f2012ec6437683a44554a41","sha1":"63a9be64badec0c0801046fef99feecbfd488cff","sha256":"e3595fda91d9d620bc150465632369c1124b0b7a387474cf81f04df6d534d3ab","sha512":"5869e9f6e59467227869d6b868b638882e2035c928efc7d4f21d43627243df6ce35e0bbb0a8f8eba23e8d5f39a3ba5b279656aab8fb3cf12652e5ccd1dd325bc","ssdeep":"12288:+3PyxSJSN87vIomx0wgH+vVUqmAStvp1H/llr9dhLR5EdNbE3aYAiLQDEmAx//pU:jNgvIh/VKa","tlshash":"c9250f5ccb9201bdae58adc1ca4770254fe282531fd789ed96bb7e214bb0adf4301e61","first_seen":"2026-04-13T13:34:34.672452Z","last_seen":"2026-06-27T02:52:27.350763Z","times_seen":4114,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/landing_block2_semi.webp","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.838Z","timestamp":1782303407838,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/landing_block2_semi.webp HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/10dffa892f034c33.css\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9ypY9n1MkGL0TWWsjYSd3EJgY%2FNers34Lr7Mjz1iKUobCPCfqmc33Z1DudU6LMxeTBUGyfo1yVU1dmZPE9m2xd%2FQDRUeJd7gdoGKo3YH5bBFBem69CFRKMl0hIqIlR7tDQ%3D%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 182377\r\ncf-ray: a10baa6afce75fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":182372,"size_decoded":183115,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"03a41ebfc2822966ccc84b5f11fb4f37","sha1":"8a03e5c17973d563e27d03be49e710e14c70d862","sha256":"c6c3494d6e8ce461c4d7b6d1003a9f6c5131d4bfbc81150f033713cbd161c50d","sha512":"feef02093801d484436151ede3a28e4a652c7614aed8bd49972100bc8e7fe24d276415b4be84c6bed0ba871af142c1ca12d405f8a7fdb2d43f9820dbcefc3a62","ssdeep":"3072:ReuoArLIEpV1NVfhqB14todZgaqt6eOLZCfBEunnFvrQbOPPFp8+AjJZP5o3mCoA:o1A/vfh+1Tiaqt6H1KtYOPnaNg3mQ","tlshash":"5204122892bed919d2d85bebc73d50da380cdac3ece73623df162435640c9d39722666","first_seen":"2026-02-06T07:23:24.025684Z","last_seen":"2026-06-27T02:44:44.78202Z","times_seen":7059,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/footer_support_girl.webp","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.840Z","timestamp":1782303407840,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/footer_support_girl.webp HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/ce4a94f3f717c248.css\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QOBVvGe1hnPUPopNsXm5q2Cad8%2FqH7y0BL78phW6IdRge0hC5l0eqpFpjgTnliKBu0JAFL159GBsbyB2oPSpOeF2P08Dh2ZivRCynCY35iugBklZzap55eICCO6IRgu2ag%3D%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 57854\r\ncf-ray: a10baa6b0ce85fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57850,"size_decoded":58589,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5faac5f71c2e22c65bc69c285c0d3696","sha1":"fca1321d83571cd8e5cc3675251b7b1494657524","sha256":"9bdf3122176092018f424668f17ff2671b31372edca458b79c74cd9d499098e3","sha512":"2313bd524395624d329705b1f80dfbad7fe65729a4b5e02a2822ed990a6f9b0d78081b08210c70666d4b6076827ddd27948179654db24209eeb65cbe2ac9a5ee","ssdeep":"1536:MO09/ae5eKf1sIYm1Utg2OTeeydxh7F+euCxPO5U:69d551srmOTOTp+b3xPIU","tlshash":"ce43013c7ae9b930cda1243a4325ddd59c20c652f80b346abf9d86907224d7c9fc39e6","first_seen":"2026-02-06T07:23:24.013748Z","last_seen":"2026-06-27T02:44:44.81923Z","times_seen":7059,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/es.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.877Z","timestamp":1782303407877,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/es.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cVy%2F6qL85UUp7jYF2FgdHTWLIzOqqisT3cLpoy2BppY3SgCjqw27Rf31UQAaOX4xdnuY9Cgan7qkK0j2RHKQdrAGm8zmTpg71qRyGU4Hn1FNCQb%2B0jXj7rz3L%2F0LjB2t0Q%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 333\r\ncf-ray: a10baa6b3cec5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":629,"size_decoded":1073,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a8224968196d0dd6d84e44c98093c280","sha1":"882b8a579de32e24e13e999b411abd814071cc2a","sha256":"f8cf69e4d0d285ff8e9be18f239b65e38fe1a235086a8daae53b1baa1e7a3557","sha512":"096da45f1e9c9fd020364a51f387110fe6b08969d607a52acd6acf7f01215e15ebb88c93484b7aef1392143f744ca491f8862151d5c4850ec8f7b9d4d419e870","ssdeep":"","tlshash":"bcf049c5743db18388098b742d6e70e6408e721b554814dd70079b28a3aa3df7ac2f6c","first_seen":"2023-04-17T16:03:39Z","last_seen":"2026-06-27T02:44:44.777887Z","times_seen":10595,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/gb.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.724Z","timestamp":1782303407724,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/gb.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=azVEUGA2F%2FHAGP4acJMduv5CtUN7zipzLFTvKlv%2FVgVf5YqAluahFDauYqUYFlBXqmq6CopMsJkWeN7IZK8ZoH681pRlGnb4E0ELOt6NWr254qpSCsJtXd0NAelAr2kyxA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 659\r\ncf-ray: a10baa6a4ccf5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1183,"size_decoded":1397,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"99a9e5571c2f5acd9cb910ce6a3f39a6","sha1":"876935939a01dae371583220f75bef15b5185c68","sha256":"5ff2f32ed6905d887f7d771029c1e65b1ef059e92260b548908cabb4e886bf19","sha512":"14cfeeacd8e2f9b67bf2e1f5b2823a98fc60854fca5afd0b10be72ad647ffd38aa4058188451c98e2045628706f0b84dcad508fa901ce146705102fed962de1a","ssdeep":"","tlshash":"ea2163c84370b5c059a74fba9f28a2dc924925f9ddc96ecd10be0538445ff5ed01f009","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-27T02:44:44.787778Z","times_seen":10848,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"heodox.com/","fqdn":"heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"69.67.173.34","port":443,"asn":30295,"as":"2ICSYSTEMSINC","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T12:16:45.817Z","timestamp":1782303405817,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Jun 2026 00:28:26 GMT","end":"Mon, 07 Sep 2026 00:28:25 GMT"},"fingerprint":{"sha1":"B0:FF:C1:C8:E3:11:E5:0E:A8:12:D9:87:68:42:3D:1D:B3:81:B3:4B","sha256":"13:01:A6:57:65:EE:9E:EC:8D:F4:6E:F3:56:83:54:74:53:2E:77:11:43:4F:01:A8:10:8E:0F:4A:E9:C0:02:A3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 \r\ncache-control: no-store, max-age=0\r\nlocation: https://app.heodox.com/\r\nreferrer-policy: no-referrer\r\nx-content-type-options: nosniff\r\ncontent-length: 0\r\ndate: Wed, 24 Jun 2026 12:17:18 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-27T02:34:35.883459Z","times_seen":16749255,"resource_available":true,"data":null}},"time_used":446,"timings":{"blocked":-1,"dns":12,"connect":140,"send":0,"wait":137,"receive":0,"ssl":156},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3121-84e2be85f77396fc.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.796Z","timestamp":1782303406796,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3121-84e2be85f77396fc.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LxXmGnNvxNaXZ7QGXFGWKiBFQ%2B4YFs%2BaCwbQBQr%2BBpZgllI0CDAjds%2BU9rwrGu7WtGyb3pr7RDordOknR%2BDK9QDkkdWoQpMeTr4SEftWaWZLUHyzFp3h8TpNmCIx0pBnpg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 56586\r\ncf-ray: a10baa647c525fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":224282,"size_decoded":57352,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65418), with no line terminators","md5":"6b869f389beaf6b6ee305c2aba742110","sha1":"616f5957c5c11da916d8ffedf458597b7612b071","sha256":"ff0cef3d5e2eb5fd8fc70bd3af62141c28494e8218ca265cf9a5e5928df7818c","sha512":"9ddf70d0dd79a02c44d6a335d5170723a18ae5b4981c674756d69075f92eec44f398da73f2145878630de71aafa77e6da60cdb26bd138667b448dee4d3b1582f","ssdeep":"6144:A+AiF7KKW6WUSoMtIn9Ghv37xQnp87m0Sw/KKSUSOYYMCI:lY9C","tlshash":"eb242b497290b2e817e762a9547b282ef22f7d3cd222691477d4c87c3349dc8913af9d","first_seen":"2026-05-16T23:25:48.532058Z","last_seen":"2026-06-27T02:52:27.330383Z","times_seen":4055,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/it.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.882Z","timestamp":1782303407882,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/it.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B%2Bpo19Pq2x%2F78og9wp0Sq59OmegychTLJwvNjYyWUwtuIPI3XSlMakj4sDhUZ3AjA%2B1VYB9RsEiJyQk4Pof6QKDr76k%2FCvibzvBpvGEeqmTQlQw%2FGb16KYhPJcw1JRS5Rg%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 162\r\npriority: u=5,i\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10baa6b4cef5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":875,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4d4f20f2f1c88447480002bbf675404a","sha1":"e4a918db17e02d130c9733d7457211389b459535","sha256":"41b974254f3dd5b0853af7585c0417998a1ffa52e97e000fe2af3eee2c916d57","sha512":"04e180d7684ab9fefd920a74433c7fdea73380c5ec2588d6174ea6c14a20bdf1ebaf250158977863fd79051cc5012e5da4b9453f88998262b5cdc1672810ad79","ssdeep":"","tlshash":"e7d02b9dd07de0c448229bb03e9e31c142962327364500daf04b271861cc3ef7e41f04","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-27T02:44:44.834857Z","times_seen":10610,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/css/d599adfe9f648657.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.694Z","timestamp":1782303406694,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/css/d599adfe9f648657.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7o2YUQZD%2FyYIBgzWjLurPJjV%2BhnVN%2F8K8D7naX1qAnDUMBdlSmKaXp3dO9dYygmwYkELJZZOEPd3w0WxPVWMHRDEIfeP8Tk0ndldihB7tAzRsF0hfapgWmmv%2B7YniPvGhg%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 163\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 12193\r\ncf-ray: a10baa63dc3e5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68963,"size_decoded":12950,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"689d6845a37e6a3c96ab9a76cf8f0420","sha1":"2930484cd58c8e849674195c73059425e6218d6a","sha256":"619447f843bd1558d398fc6c6548f2802566678eb7a6d1621fb2aa0b3c2ab977","sha512":"a467b0712c19a7d4866dee41cef2013cdf1509ee800a86860377e0eb4b217bc52a8d21a57b5695cd1be1fe81211ed007ffc07bbd6527d6a55e378eb7949c1265","ssdeep":"1536:SDzk2iKelS7yUAdO3CmoZV/AdBN/dilkbP6/4Nw9cXw+qicehzXu7VZ:F","tlshash":"1563b8715378f03cb977a82375819ace706dd203b97366dee5a4b43a80c76933a2274d","first_seen":"2026-04-13T13:34:34.644587Z","last_seen":"2026-06-27T02:52:27.343492Z","times_seen":4116,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/trumpColorDSGN/mix/preloader.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.706Z","timestamp":1782303406706,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /trumpColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wFkbrjUaUjr0lCuKn7B9upA4yeXLmQwRqTnHjei7%2F4sMgyVR%2FcfvzlQmC%2FZTdnIcx8mnUEmXZ5pma%2FLzmkypVHhPsDGScok%2FyFk%2F5Iz%2FBMk8OWcBGIbkD%2BZpCTPJHGJ%2FNQ%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 163\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 38904\r\ncf-ray: a10baa63ec445fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119318,"size_decoded":39658,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"40fbaa8ff12ac1ebf23154c29e67a191","sha1":"a0a3a6c3b2a35874dca992b65fe8651809da05a6","sha256":"234f1a89ac1c64f2b60e7b7aaf30d3ec2cd97acd3f5fc844f4f55256eccaf843","sha512":"5c97f0bcda3d832001d8b751d6140ba2835b2ad34989ee6c4e9b44211dc8dbcb099eeb28666d6555505235ea97f71d37dc7c1a19e62c3a98a0cbd64e3c698ee8","ssdeep":"1536:objgkWcss2wEHMgG7RPP1VLatHLKazXxzP4D:TCB","tlshash":"edc360fc1af062cd88c0c7d27f69d2b93c17a3b798580805e66c5f5c0b9a96da851bd3","first_seen":"2025-11-16T06:53:31.134866Z","last_seen":"2026-06-27T02:39:02.810858Z","times_seen":21178,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/fonts/proxima_nova/stylesheet.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.741Z","timestamp":1782303406741,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/fonts/proxima_nova/stylesheet.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/d4dbba7cd4889f6e.css\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k3kQHuKlCZE1EreXGtxPqLmNM%2FTV9DZJNmORKXKyuYDIZqV5Axloldb%2Bit7pz48aF7joEMcwnHsizWA5Vx0bpVzswC2tOsG4go9aRENb3PKQQQmVd8Zw2plN65I4ywQNBw%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 163\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 1497\r\ncf-ray: a10baa642c4a5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16511,"size_decoded":2249,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d8931974e63a4dc65335827a00484a23","sha1":"3295703d542b291d258e703d3fb273aa4e71472c","sha256":"5748d69fa891b81b4890fc30b6c589852acd016cc7f8726e4ef93a497f0ee30c","sha512":"a5a858b0359a3571aa1337351eebcbed993af02fc1e9f54d7d87ce39e675d455c46fe9ef7291fbbb80d29d79dc71bf2404e40a902f5ee26fc0187e92b6625cbe","ssdeep":"192:xz6b6dlmqgqYGVNCGAcCh2H5vwCGmhRgSem0pBjqkCY9WTpnOPx/OSW9r0tZxjyL:paG7KUC4ZYCrz2muZHCfWctAH/uNB22","tlshash":"36723942cccdbc624aa6148077fe6ff60b4e28559079ad57ff3c38389d115adc68472a","first_seen":"2026-03-07T05:32:19.76436Z","last_seen":"2026-06-27T02:40:55.328681Z","times_seen":14759,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5709-ea7a4340808316a5.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.799Z","timestamp":1782303406799,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/5709-ea7a4340808316a5.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=811wxQuQjM7QrHiWYBfb3JBVfqlrFWj33YSnAI1SnFnoDPIc6BCPZhy3s0CVtaEQp06Ak6kHgsxKamULHXV6Huhc9c2R0RN%2FLThH%2F49F9zVKPQM%2FF%2FVRyrUQdA3BED%2FWdg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 364325\r\ncf-ray: a10baa648c545fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1454652,"size_decoded":365092,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65474), with no line terminators","md5":"da779d11d6dc46752ab334dd5393f2ea","sha1":"ae0c777835c44d6d6eba77e9eef5bc1e2bc03d28","sha256":"68132251e81ae3690f1423504f3f9e464e824d7d74b7b684c0a8091fcd422430","sha512":"7f8517459a8d44f0f37240a06be158dba4b2824e6ddedcbf055bbae67c5b5dec68e303db86b32e51edfb5a0fe8576e2f03b6882958bf5b820e847b43303bec8e","ssdeep":"6144:7nRjnRVLWQuV/er6qcEhJMQslkFN0bbLTx:TuY3ZslkFN0vLTx","tlshash":"8135388c67b5a3fcf505b7f8892b68757e6638fabb81c438c3e55d24e0500ac89658d3","first_seen":"2026-06-06T21:26:14.922608Z","last_seen":"2026-06-27T02:52:27.330986Z","times_seen":3775,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3047-780ecd63e8341fd0.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.819Z","timestamp":1782303406819,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3047-780ecd63e8341fd0.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1n1HUbPzKJWd0SqJG88uSrnRMWtE%2BH2k9TJm39UnbLQaQ7bgwD5JopNEQrL7o2s9hVULzjZ0INw418Hsl3K8tCXMD9r55nni%2BcwH6tCm0C3OhTDXHLvL1u1OpxHCUxyMqA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 86480\r\ncf-ray: a10baa64ac595fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":316805,"size_decoded":87240,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"1a45ff6317fa4327137123bb7bfa8d4b","sha1":"bc1ead1c1e57bc9d70d9ce61b6580fcff62dde6b","sha256":"52347ddc20c0cf9d1a0b8d9b4f7324defd9706465148f58c081f4c07848b1d65","sha512":"714d24afd1fc0a2eda39f7f9793701b61d9b29be01f251c4cbac43a76732bd29c0352d99eb68cb43e69e5670f847ea3e8b4ee9593188b64937437621993ec32b","ssdeep":"6144:fT+0+Qhv42Fh0idHSlq9p0jy79DMHyPCij6MIVs/e5rKYfxGAaXaifqUMjuTH8NT:rrfOR1","tlshash":"d3644ac871c1f4a8929361a6803f050bf23d2e2de45d9454e2a9c8d87979dcde237fb9","first_seen":"2026-05-13T18:10:45.788088Z","last_seen":"2026-06-27T02:52:27.338933Z","times_seen":4062,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9689-39df663debcc7932.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.832Z","timestamp":1782303406832,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9689-39df663debcc7932.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lLYnDEBexq9VpTCcGBabb5U7YxuvGe0d1oiyAz30gijA0zf%2BwqR5N2pfAi6QHnuz2WXVmefIMKuMUggMWtgH4JSLEUYBTAcderQvma1axuoLs70jcuB3PmC01LobHxJbGA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 899191\r\ncf-ray: a10baa64bc625fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1462413,"size_decoded":899950,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9db46b5d4b739ec66f2a1c0b604e8f70","sha1":"c1b081fba22e6c0500021767d5a384f5464506f3","sha256":"43946234d264f14d2be22b5bed48cebf1c0283592db43db6fc888a07fd429a6e","sha512":"86e1f7a2294ad4475369395bd9e42aabac53d2a7defead470c705bfe7236d9507636842e05bd60063e952cbd2c29ff4b307afe96d76bd9e7a28c5de84e141513","ssdeep":"24576:7tPaAKapUMi69Q86f4lJay+AdFYR/QNnBKM7x5AKGE51:u7KwNhQx6I1","tlshash":"7b250135da2552fda728a4c2d58b34198ee685073fc589fcc9b6bc464fb2ace4701f90","first_seen":"2026-04-13T13:34:34.637603Z","last_seen":"2026-06-27T02:52:27.339419Z","times_seen":4113,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7262-260eb856ec86ab3e.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.844Z","timestamp":1782303406844,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/7262-260eb856ec86ab3e.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EhHazhkcgL5KyVI3iQyPpBt33iNhnuqIPKnRt3sTKWIgTJxvYadP5xCl9HHqOTxhfgXZS5y4PHZaL7Zmm33WBnrJXYR8Z4I1783vNQjEzHurxUPOZPkfzGvLFPrS3Ihggw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 21758\r\ncf-ray: a10baa64cc6c5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77603,"size_decoded":22514,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65502), with no line terminators","md5":"fc5c946ea01e852079c01158915eb9ea","sha1":"5133bd0de532b10449bb08521a92ca6a1887b7eb","sha256":"4a07fe3714db1466ba3968c1de34671f62ca3d5a3e9a01c12fecbdf73f2361d7","sha512":"18a65b639abe772a19c8332cf3709c4e0213353430e032b2cd550e739db2467dfd24ad1fcb4a4ea3675c81f34215a5ffc0ffb658dbf80ff70c2382171199b96a","ssdeep":"1536:nopcljgCIsBEzrJ8i7e85k7yRck5L8Nwxg98:nWuUCIsizui7e5mckJuwxu8","tlshash":"d3730a953180f5ed17e381aac42f644ee32f5c2ce51a766463e4c9ac725d8c8e137bac","first_seen":"2026-04-13T13:34:34.62862Z","last_seen":"2026-06-27T02:52:27.344531Z","times_seen":4114,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/css/d4dbba7cd4889f6e.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.691Z","timestamp":1782303406691,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/css/d4dbba7cd4889f6e.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lq%2FUu1vPN16wuZCs%2FjSCxq%2B%2FmAuh00mRwM0A6Vdh84IstOWVTUe0nLmJUdDdciPvP9sOUMkMHCWyQPlfkJIbaCrGTkleS9agwk6c0RVme2gMrMjVFxTTenBCeO8vUf8LhQ%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 163\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 2409\r\ncf-ray: a10baa63dc3b5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8868,"size_decoded":3165,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (8868), with no line terminators","md5":"68eb5f61ed957f0983f60b442f427751","sha1":"16106de8065b5f5de07d98588cbced8e42490d2f","sha256":"87285d37d87af815bcc3e3f7ef033d46840703246cd461fb2f47728d73e05f02","sha512":"bf29e12876a49faaaaa3a4c479c3e92ad15d6c9744bc2597d9fc4ccab6e139c99caf7c0ac53ed1fa758d97d4f4f4544609c92091fabcb7bc54f242cedc59e73e","ssdeep":"192:4SJhREZKVQrejs42r9X/Xqgv6UA7HHvhvlM:4fKV44hlm","tlshash":"d702f73cb311a0b242474f0f94a3ef6b8d6fb05acf674a6691a4058cb7cd9d015e1dab","first_seen":"2026-04-13T13:34:34.649281Z","last_seen":"2026-06-27T02:52:27.332108Z","times_seen":4113,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/css/ce4a94f3f717c248.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.695Z","timestamp":1782303406695,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/css/ce4a94f3f717c248.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EP6Nns4oJIyLrHkTjd%2FUDKrmyFnuC8%2FLu2RtNeG0p0Cvhwl5QGmA9HDCiizf3YHACiiCfXiFwIBuJxnk4fUrYCGjBORbereNjofGKgssra8IAK5zz58TBJ%2F8Ja5%2F8p4J0Q%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 163\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 5672\r\ncf-ray: a10baa63ec3f5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29159,"size_decoded":6428,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (29159), with no line terminators","md5":"46ad4b92478a51e4234fdd6d675c9f3a","sha1":"649d65f39d1733aa5d13bb1f20e773e089ba6620","sha256":"8c2a5bd34c98a97841f128779b43cb8346f7ec1a35adefdb188f32eeab45bc67","sha512":"0f77212b79bb5fefe13b10066fa75ad94c9e4308f9bcfb246d77d96c9b67b6a442ace7fbd0cadd1f6dbc3f50b0c7418b49733fcded43b1bcb81459b605492059","ssdeep":"192:+rbxEXPgGgaxVOUzM6YLWBHo1Vc/nJdcdISbwWCnZclaumSgGBhS6lPxT9nqhC4M:+rL5UzMr0IgfImKwYAMRfmVnFI","tlshash":"d2d2a432a124d13cb8b684627e95e7de7058c203da7756faea41e52dc0df5e33b62308","first_seen":"2026-04-13T13:34:34.624049Z","last_seen":"2026-06-27T02:52:27.352792Z","times_seen":4117,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3980-010af18f0f321f6b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.809Z","timestamp":1782303406809,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3980-010af18f0f321f6b.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Hyt%2F%2FSCB9LDbfukSfL3JtDuPwVtsfemeGo3oxnWhxlZb6TYX5rGbEQpt9E2avUwOzpWWVeS33NLyswgWJnFqBTG5mTrO2YSzGJ6XBJrZRh6nEAFuevGgIL2yAK1clUIOg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 102910\r\ncf-ray: a10baa649c565fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":514070,"size_decoded":103671,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65218), with no line terminators","md5":"0ebe2885d4d5b7870215ed1d746ae08f","sha1":"ececc6607c16410aa62783cea6de95557893c3ca","sha256":"68eea241c058d3a7c5cd5eb609397e4d833059221ade7f5154e9f68da97ef40f","sha512":"a14e01fe32f03659c957c6d5c9d01cc20c71308424cf842a7d178aa207358e270a9f531acc7d37e285a34fabd655ad88256cd82143dc1828eda771bc46bdbc91","ssdeep":"12288:9Fw3/38CUqBZw5AcYk0G2KVLCfEQ4HAIrBM6k18xyBByFt:uB7KFrR2BBU","tlshash":"3cb4c60ff3e4bbad26b57666be0f537ab31c2cb9d714e81496a9f0152344ca86135bc0","first_seen":"2026-04-13T13:34:34.626821Z","last_seen":"2026-06-27T02:52:27.33371Z","times_seen":4115,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/19-5bece4aba82fb776.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.827Z","timestamp":1782303406827,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/19-5bece4aba82fb776.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FXv56ot8rj1CPfCeRHX1HyJUKDHLoHLsFb5nNspvc5nHmGjPv77MYQ1yqrT7f9IM%2Fv1Iae5MhZUR6HOrKvWsQGqn%2B3SfOCis1pUJdhdPoeHCgsW%2FNUiD0QbG5JjsTIfOQA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 347128\r\ncf-ray: a10baa64bc5f5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":936675,"size_decoded":347893,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"499ae782218e46ba0165104a99a4ba64","sha1":"dd6335c8003db8dc40f3b6e5fd9ec389bd5679a4","sha256":"7930fcc2462bd18b8f3559392d9d610cb2a4cf2aad270fc533012c2fa8560ab7","sha512":"71885acc13827a064e0430afe760dadfaf8afacce9f7dabc324d265d126140a62d9baac56cb09e1725cfedc955eba79c0828bd9891ee524aa7d19448c1557aee","ssdeep":"12288:EW2sqZNSN87vIomx0wgH+vVWQo7AN3zoMaaql++gWuWUC4Qj8zINa8DPeo7B53zW:9NgvIh/VSUVPyzLW3fxz","tlshash":"02159459ca6602fd7f586c81ca4770698ed282136fd78afcdaba7e1447b0adf0301e51","first_seen":"2026-04-13T13:34:34.636004Z","last_seen":"2026-06-27T02:52:27.362394Z","times_seen":4114,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/8648-b9a24ba9b5bc0c95.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.851Z","timestamp":1782303406851,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/8648-b9a24ba9b5bc0c95.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CY5EaanK5SKYCtppDFW1rnaV%2B90%2BHZZyninnrHF0KSf5r4zUkSyvae41I85TwQ4REYULWbk9qH85BODd2YdrLZh4WBag%2FL6vy5SOna6kdX9jjHXM8deVLL8In54Abjd26Q%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 35163\r\ncf-ray: a10baa64dc755fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144939,"size_decoded":35925,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65454), with no line terminators","md5":"c518a3c90735027f7cf5e9ef51ba7e98","sha1":"243286f759a81ab0181dfa9e0f59e921228fe251","sha256":"17d24cd943de714ccbe4843a893186f4f9d7aa59277390480544a6008f41de2a","sha512":"611e7cddd315b0bf165c9a47866cecbcb4b7392c5ca210d60061a5bffb50af442e8648cb418bfc517e37b76c4a3f0756103a932fea6e289fcb6229a2b97f750f","ssdeep":"1536:Trle2nu/m82CFnMxwZCLVfvDzQjFY69xAq3CDQJUO9fEVJoZ1NbpGGVitgmdAYb6:TYUH821Nu95SQJxfwURk5bseKbsK","tlshash":"01e3e889f191f2fca6a224a9412f444ef22e3f4ce5255410e6f8dc083a586d9bb37fd5","first_seen":"2026-06-06T21:26:14.912411Z","last_seen":"2026-06-24T12:20:30.389699Z","times_seen":7,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/stat3.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.836Z","timestamp":1782303407836,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat3.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=40pCjJgwQlj7SXHmYtxwMZ5KAAbZIPAceLHcYrqvXFlxxLmfl4mdXwsSEFfFfFfK27COKXnEsfoOfPC2UzPFzsm9ItP%2FQ1t2jCAgYdwbPNOYHIFMANSGb9dlbz7iQNJOgw%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 1945\r\ncf-ray: a10baa6afce65fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3827,"size_decoded":2682,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1b07edac84752d7c56e382e1f7656115","sha1":"1ab72bc6895070dc7d55c8d87d4f4f907c19c019","sha256":"979df951bda3030c2abf6f6508fa7d5914c95535e4c0ed1f20a836cf2857bcbe","sha512":"97c1a7ff703378b6ae5555c686ab628ac9387b52614d1144beb72d575391ae717a0e25c981a4de8366948338760c57c8a8c19913f1d8b37661a2e96c1496af66","ssdeep":"","tlshash":"9a81b4ef5fd402b4d889d3e7ee3214993e4360fa5a8a0d04f36cae89575585cdd1a8c3","first_seen":"2025-09-28T21:41:24.193021Z","last_seen":"2026-06-27T02:44:44.821776Z","times_seen":9430,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/de.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.879Z","timestamp":1782303407879,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/de.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=u69sHkR44Cp34%2BubzQu%2F3DK4FBvC9i5OPGHx9kXNuQV3K5Z5pLHs9uP684b3uzDdQM3p2kkW6jqeumVoR3UX2F3ynUy6krq0m9LZoesvVjtz1tuAWh91L%2BvGEKlxlA1yXA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 162\r\npriority: u=5,i\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10baa6b4ced5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":271,"size_decoded":873,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"939afd91bea7074f84f4a328ca095295","sha1":"1a8edb7520cb812fd35996134ae823fe8ade03d9","sha256":"8e3c8f938c6fc4fc97c81f398a71d0d789b44b6be458469d7056372a2c05837a","sha512":"a3922e78b9ac5209cabea2c0945d474d24035a4e78297b3105779cea945b931ae83a59ffbf73e2877f2da42e0ff7fb5f23c297c1d7f7d09da3644ed63d82ef6c","ssdeep":"","tlshash":"c7d02bd8506ae8c04d16c7603e6c32c1288a6259238800dff0835338a6cb7ceb745f50","first_seen":"2023-07-03T07:07:12Z","last_seen":"2026-06-27T02:44:44.808156Z","times_seen":10601,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/249-0939437a59f2504a.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.816Z","timestamp":1782303406816,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/249-0939437a59f2504a.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KfycC%2BxsOMSsJTPsZzOTv0IuqcwKKEDHm0rGeCJbMHA3dipWHyHlyuF5BfFlkCxbXaMYhx8rSgXTaLeeY8POEN%2BOvU5A0JvMrLb1Q0Fim0F2u6W7kt30TtUFb2QZfMw%2F0g%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 61624\r\ncf-ray: a10baa64ac585fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281586,"size_decoded":62386,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (47782), with no line terminators","md5":"c3f51dd99a0be861049ebd4632a3542e","sha1":"3d08751beaf09ce31d44722d42da0650b0fc914c","sha256":"10976f7c91d6bbc5f35b9cd987501ad59a99b2a162a74b0ecbc9341afd0322d4","sha512":"4d67fb8e55edf461b142a253a2a20b675c1e9bf2c65ccee6af44d85dcf05b0467b1ce35a7f96a0f8cacf5c0e5c22ff530754f8286ea07eb6d339d72dae198c76","ssdeep":"3072:BF4UMvqBX6EG8q4H7GRxe8JTDUkan3busQd1yKlvRnTT/vD3Y46m+OEL4uFAQNgu:34UMCBX6tdDHV5kD3QPRuN","tlshash":"3d54fb0cf7fdf3b919ec389a364d0c3bd9a83a35d3b5625249d0f3ea9444cb4016a6a1","first_seen":"2026-05-13T18:10:45.999462Z","last_seen":"2026-06-27T02:52:27.35023Z","times_seen":4062,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/muskColorDSGN/mix/preloader.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.707Z","timestamp":1782303406707,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /muskColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kQmOdBqZAFH0Qm1855je3Bv8TDFM3vnprXNO8AX8llpMm5YRi6X2jQ%2FWiyVLMPdarFQ1rR3mk%2FlA1F0bfwAzwIABnAW%2BCRoPrD2tk%2BN6MZV3JhYG%2BKypTlHrhSQD%2FCM9fQ%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 163\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 19879\r\ncf-ray: a10baa63ec475fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72100,"size_decoded":20627,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"850e1745f4385099a3518d32d9145e74","sha1":"69969125e203608b7462ed6f8eaaa2917d48ab0f","sha256":"31ccdbf4baef0e8d2e5ef2d71b200f1b8288afa891e6ea50729feecd86dcb895","sha512":"617fd124ef9ca7077d4215668197b1bd456b3f6dd2063130545d4040c4ae11c1d37a569ad757ff74ee26ccedb5db2f150439c8c515bceef6c0434c81ae46edee","ssdeep":"768:YDpuRdZRXU55SUH2v9rirdHR96Hi3WdoanhrqCLUEBHp5ZuQ+Ip1xLtaD3LxUynT:Qk9eui+hrhUEBn8WXED3Lx/T8QdxGwlH","tlshash":"a06395ed2bf018c949c8c3d7ff5944a92d2a91fba5484908f65c4fac1b85c5eec47ac2","first_seen":"2025-11-16T06:53:31.140817Z","last_seen":"2026-06-27T02:39:02.800712Z","times_seen":21182,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/1342-e39ae382517d6e27.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.811Z","timestamp":1782303406811,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/1342-e39ae382517d6e27.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bXLSExuqJmE42ootl8aWnpOOnHExqrKee6t1o40dOor5Sl0cCSUVsGrNNdb38pLIbXYdg6dZFthqZQm1dFE%2F5nRbquRWDn%2B%2BR03Ma620ACIhyTX0tV6P7AbsXKBSYVdcjA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 544934\r\ncf-ray: a10baa649c575fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1449011,"size_decoded":545697,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6fc40cd79ee8752ee16a42d8de3a9836","sha1":"899243cd2ffe7a5b0aade6310d845f5f47289847","sha256":"0a935b2d469e703bd6e72a9f682823d483fc28d56f3a663787b9c21498d9db30","sha512":"13d3b80b739af5022c6c89df890e60ee7ea4607afb89204aa6fb7d43e6350cdac310e4a6d25be33703fea38f4cdb0ee7f1197766b97df7d197a6db1dff6459b3","ssdeep":"3072:2XikgRVZiU7NiK6xkdF3GK0/NtT8aH7fwTqdypuWw+1sGKIzXBX+:2XNUpieiztQI","tlshash":"5c25bde8678526e5bd4cddca5940b4ac007980370dfbd1cceb2af4e740b87b746a9d26","first_seen":"2026-04-13T13:34:34.611278Z","last_seen":"2026-06-27T02:52:27.354279Z","times_seen":4112,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/api/v2","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.344Z","timestamp":1782303407344,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"POST /api/v2 HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://app.heodox.com/\r\nauthorization: Bearer null\r\ncontent-type: application/json\r\nContent-Length: 161\r\nOrigin: https://app.heodox.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nx-compressed: true\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kmgYbXdMRJO4J9lFvjZDbvojIHnOlMMhuXHXO9mRjTCYsEUR8YCEhLIWpee4VDJNEoG8zSSFfqS6euYfufWyUjbSV83dVsmUK%2BwTLo1Cyxzm%2F0AStZAt5UBm5pKPjUOvNw%3D%3D\"}]}\r\ncf-ray: a10baa67ecb25fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":113,"size_decoded":740,"mime_type":"application/json","magic":"JSON text data","md5":"9832e29b51080df78a4d68a0354c9591","sha1":"4bc0a15f9c9546eddd1cbe0753cb767b4eb0acba","sha256":"2797b96244bb8069ab1f19194c96885d12ff16548843bda017a763a629fa0773","sha512":"e5878d54140585dcc657ca2f3eb24e028e94f85e6f973311ada8e931d84e4263a22cce2745872f7596297cfc3c13df723c144a7e036a596760ec29ca97930771","ssdeep":"","tlshash":"06b02222300e0b800e00008ac032f23202cec0ceccc0283fcecbc080203b30e20e0320","first_seen":"2026-06-24T12:17:59.123323Z","last_seen":"2026-06-24T12:17:59.123323Z","times_seen":1,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/direct-router.bundle.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.699Z","timestamp":1782303406699,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/direct-router.bundle.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kO0SnYl8BInaZl5OhRqjxzylfKI7JNMpHQQLUDCLU%2FjnZ7kouxG4HtBvznr1jXmGaNgDm%2FWnETY8pVm%2F1Y2TCjLHuyhP4tNnYVVm9QWXknSecmJKX7YdrxpN6EckZDDcVQ%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 163\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 66433\r\ncf-ray: a10baa63ec425fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":220065,"size_decoded":67195,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f589e6e05857a1cf881cfc2a05ef7e9a","sha1":"8d8a58344a1e44416eea1555fcd2f024cd664087","sha256":"6c15c81fe6c86f71b4504b7437ba52be08619e4d694cd27c7e9b601344ef109d","sha512":"7c02b9b887c6c34948f9da8aba844a3001090f0fd2b4bcc3bf0c09ca47d585c36badeb264a193e9ed021f11ffbcc016977e11ff772841433e714f643523f2d1a","ssdeep":"3072:vqSp7BygEFCXqLkT5vd5XnTWhNIhdmkIxWjlP3/1JqobepmMGWR042:vqSp7BZaiv/ukIxWjlP3/AmMGw6","tlshash":"6b241aa93a95f1226ab3027310df5803733d352b280d4d61a511ede9b4b845eb17bfaf","first_seen":"2026-06-24T12:06:23.502088Z","last_seen":"2026-06-24T20:46:08.213669Z","times_seen":318,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/fonts/proxima_nova/ProximaNova-Bold.woff","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.869Z","timestamp":1782303406869,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/fonts/proxima_nova/ProximaNova-Bold.woff HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/global/fonts/proxima_nova/stylesheet.css\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: font/woff\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2bMJW51xs5KaSDAXYfvDU42ONKgVuCI8T8wLzqyhWcAmAIlS754G0PUWE%2Fdpl8S0n%2BpTPI3QRN2F2Vna4jBp%2FdmnoSbKXvQoSaAQL3y55HOHlGCAmtxw7pO%2BtWlIFVIq3g%3D%3D\"}]}\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a10baa64fc7a5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52068,"size_decoded":52744,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 52068, version 2.3","md5":"e2cf3dc2f079bf3d5185a02552f153c4","sha1":"9e900ba7e0890a12a5697fc7ce86c058b145d215","sha256":"99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1","sha512":"1043f0d116fcda17bd933ff2594b7c79a1fd41259f28aa8283d90e1a56eb6b8830861f109f9eeb3b81d79408e8a6a3648d973ee8a42fb5c096b0f84138392935","ssdeep":"768:gUZ1BWLCju+iIoHoWcknJh+7x77rai9YTRPxnE6eWPeLJWPznTdpjXeE8vFmdn:fX6Cjuct8QxDai9YLE6eWGYfbX98vMd","tlshash":"2433f1a524350e2797b7f4fa349d0665cfc6024db42b55faa4cbca019a5bff8b530823","first_seen":"2023-04-07T12:58:50Z","last_seen":"2026-06-27T02:39:02.814607Z","times_seen":22659,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/holiday/bottom.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.726Z","timestamp":1782303407726,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/holiday/bottom.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d2RG3nXu77wM3ReFIl4uubV%2BxWMMCm0dIkCUOETWnKWT6NPcozST%2FvVuwFXBA3KfYSHF4eWm6%2FUJSslqWcupSwM65POojI44L3SjLtO1e%2Bv0hpOzLLXleX%2BI4UKTYMoJKw%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 520\r\ncf-ray: a10baa6a4cd05fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1628,"size_decoded":1264,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"165634688949125db4ac194fe8681813","sha1":"c8d8f84854dc11683adff1b17974b18a3077173a","sha256":"865ac8ef0db76c4a0224fc4a29905e93b9e1cf278b42f7c95c8e1d82312d5e42","sha512":"9a4001c1e30d41bda349a631e7e00d8cf2528532717f23c5f19db0ac56dbd771e779ba07390b0c8fbe0beb77b3996e45b9bbef7b770850f8db207beff1888a7c","ssdeep":"","tlshash":"f2316f5c60b6ed389984c14c8d1fe0f5361f2fea07d6975620844dadfb094ff29626d1","first_seen":"2025-12-07T15:18:05.832815Z","last_seen":"2026-06-27T02:44:44.832554Z","times_seen":9759,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/in.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.886Z","timestamp":1782303407886,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/in.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nHzDtssMrnUQUHWDeLaHelFEb7rEs0q9N0OVzrj5HJZJWD5CPgWc01cgpko0FcFnmfA212hedwwLBYAYVG%2BlGOUSfosWGID3tgjQAoFPuO%2BK9SqEn2h0ZFi8%2BUaJAIitgQ%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 780\r\ncf-ray: a10baa6b4cf15fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2301,"size_decoded":1520,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f0c892dde95804d59b20416b8db9fcbe","sha1":"41f09b07a8c26144aff93575ba4a07a0122bdae6","sha256":"aa82222076d0dd86dc6f37947faf10333212886549a33c4fcf6b44141b702018","sha512":"8eadf55e31f49edebffdb864eeec76900caf6f5163d2e3cf1988757271bb7c5e2c26c3986b4fe5b2f8953e733ea0c4bf4fb3cce0ec4d1010e20f5125abde3ac7","ssdeep":"","tlshash":"2e4165a9717df8cd9b01c6fda63bb9f1b00f50496b12d3a9b55b0f0a481a4fbb0056e0","first_seen":"2023-06-13T16:46:48Z","last_seen":"2026-06-27T02:44:44.822565Z","times_seen":10195,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3585-1a2341a418cc0f3b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.800Z","timestamp":1782303406800,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3585-1a2341a418cc0f3b.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hVmQGhOaNIQzBb9Bm58XC55blzJ8TAWceTXVPp%2B8DcCJ3LGUTFwkSOxjllv2rAJP9ZEnQglfgw54dGUBhR8RfyvFspkoboHTRxE5Raj%2FooQHZOMOQPbn53RY0lx57r%2BknA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 111886\r\ncf-ray: a10baa648c555fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":376596,"size_decoded":112649,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d66e895831146a3fcda6c0de48e66fbb","sha1":"ed6c9b6bc6805e7a74c90c2f70040a22a7c0f9e3","sha256":"ea60fb56fced9d92b0247021093d020a5438a67c1084d715a587c598278a804a","sha512":"6204b75617d69a9c649c089283b8fff6285c43d78b07045799a230225ffec878299a45b73c0b05a85a83ca19874e7de30333065e46c981d3720790649ce965c2","ssdeep":"6144:f9gGcm/FTmn65dg2/s70cs6eWBsY6EHNfm5Dlf3+FFS:XhWwKNI","tlshash":"3b845b98725060e8a28762b9552f154db33f2578e02ccd14e39ac87c7295ccce63bfda","first_seen":"2026-05-16T23:25:48.549118Z","last_seen":"2026-06-27T02:52:27.358736Z","times_seen":4055,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/landing_block1.webp","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.832Z","timestamp":1782303407832,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/landing_block1.webp HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/10dffa892f034c33.css\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BZ1tRDpux9y81FU5KYK8O41jJuX9ourWOCBanccs889F9QgY4g4xgb8kj3bQwSba4Ia0OkvCvpFUsOWBcdYy5wR7JY61y2RlZ6VvQlaYSFqwIusI3aDJRUmdlb1u%2F%2FaDyg%3D%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 143257\r\ncf-ray: a10baa6afce35fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143252,"size_decoded":143997,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1692x502, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8201728c6e2cf2db0d1c3c296e9ec4f8","sha1":"1c5b38584ae934775d0ec23c9b0ebfa494bbb8e7","sha256":"308e698488e68037d3a4648279c289467061190da02ace13bddcff1f7dfb24a0","sha512":"76993a0e63c176ce55b170cfbff41c65712a660f800904f7ee54e504e66df07343bbfe33d810cefab3d7e959046e5bcc49685c1d82259c5cbe0d30902ad16923","ssdeep":"3072:jvdXxTC52KjJbmSFgMLRAQPodctih7E4opiSOVmDjXvzV:jVVC5/mAtLRoctiREXpUUDj/zV","tlshash":"3fe313be76b10ae8a8801cdf021e48b97f355f1355ee01c67b27a68f05a3519b5cdf0a","first_seen":"2026-02-06T07:23:24.023009Z","last_seen":"2026-06-27T02:44:44.794446Z","times_seen":7056,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/fr.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.881Z","timestamp":1782303407881,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/fr.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d%2FL1KSY2Z05HKKQT7693lsq7pbu%2FUcNEOyJ1EEo%2BcgnAZMp59aWP%2BUJCKrS0Y%2BjuT9DKJXh%2B4iYRFWdjpi8xQY0B3NCWTymRgcNQRJsakn9ynqPmVP3LjrPUg2d%2B09PNmg%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 162\r\npriority: u=5,i\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10baa6b4cee5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":877,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c1a36c711f0ae0ab46c7dce06f63a723","sha1":"5cff6743ac6eed2912288bacd35c363a2d586d18","sha256":"861059eae96aea4c38466209edfad68fbd84ada37bae4ccac92d03011046a524","sha512":"e8d4869bd8d77613770a36de15c23dfade7a3bf3a465c4a6c79be55d9d6660874b5cbb60e631f04964840d3b4d736ceb25f31b30779e8d5ec64023f8e855cdeb","ssdeep":"","tlshash":"f0d02b9dd07de0c448138b703fde31c1418a6326364600dab047272861cc3ef7e40f04","first_seen":"2023-04-07T23:46:38Z","last_seen":"2026-06-27T02:44:44.788678Z","times_seen":10611,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/1617-516db04f21137a6a.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.849Z","timestamp":1782303406849,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/1617-516db04f21137a6a.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qb0nGV46CAWkV08lEQd9GU6Gn%2FfutgmkN5bD9CqXZjGuEWHlKJ0lQ%2B6kFjPwLx4Z6cpNdXOSIwDdiRMuVHPgtXcxuekM6%2F36j2J%2F%2FIO0f675cheoYk0oFpa8Xp1FOZ%2FYuw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 134434\r\ncf-ray: a10baa64dc745fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1310318,"size_decoded":135203,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"96e12518bcc4bdbbe9000be499bd4164","sha1":"964881c32476cfe71ce4b7dda2df1fedb01927b4","sha256":"0d72038e505589c03cb66f853434a70524bfd107ba42445b5c4d48966311f63c","sha512":"ec4f41f65b4670eb2cb554fdaf6d5eadebdc5de167bd035cb16860e500477f99377171083aa1041d61fbd08f9a0ad13840391ff21f67a39cf0e1a3d552b5baab","ssdeep":"12288:yzq3gKoizq3gKo1mTkcAA92TkVAA12TkVAAD2TkVAAF2TkVAAM2TkVAAm2TkVAAK:J","tlshash":"6125aa4c8b6602fdab546cc0ca0770998fd186636fd789fccabaad145bb16cf0311e56","first_seen":"2026-04-13T13:34:34.656645Z","last_seen":"2026-06-27T02:52:27.366571Z","times_seen":4114,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/api/v2","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.342Z","timestamp":1782303407342,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"POST /api/v2 HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://app.heodox.com/\r\nauthorization: Bearer null\r\ncontent-type: application/json\r\nContent-Length: 157\r\nOrigin: https://app.heodox.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nx-compressed: true\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nGub6lhpAziRgACG9uWnmG%2FavntudafScNOIk2Sq5rQYsbJ6glfVNiUxZ0nPQRnmbi5HpbpLbvU4ZHBClpT6wMPe2bgGEs7xyoD46Ha66Oh4zgGwe4nRSV4uHTxPZihyvg%3D%3D\"}]}\r\ncf-ray: a10baa67ecb15fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":181,"size_decoded":800,"mime_type":"application/json","magic":"JSON text data","md5":"558e0695acc93d0b470368551ad8e771","sha1":"9673baaffb3575a1023fa18389b1c060c6a21114","sha256":"4247610e6a52e8d33d3e472cb026100fa323f7001553f06bdefd3174b8f5c30a","sha512":"cc21a46f677288031f99e4d8e48d85483c3a56866424f7659e67dc858ad514b9824dbe94e3b1997239d3a8010704d93779dfc567cba385d54cd4048ffe972f59","ssdeep":"","tlshash":"01c0c0ed01449286ac0010cfd713b814c50380f11c08440cbd2598c0e38eb6cc1f0810","first_seen":"2026-06-24T12:17:59.132623Z","last_seen":"2026-06-24T12:17:59.132623Z","times_seen":1,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/mix/landing_zeus.jpg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.722Z","timestamp":1782303407722,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_zeus.jpg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0K1mAx8mOO0Q%2BgVlhjZIbK4PFCTI1MxIYDrlDWE4l5lEp4nnWwOkIB8lmBdGIdAW7Fpk8OjySAd%2BDspjK1c7OaZHMZoORwaoh2rhUqhFuUqNhHEIruJ%2BEB7qZbjrNQGaJg%3D%3D\"}]}\r\ncontent-type: image/jpeg\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 179638\r\ncf-ray: a10baa6a4ccd5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201878,"size_decoded":180378,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2368x1028, components 3","md5":"28ddcc23e4d8be01380e65e823904d84","sha1":"fe6cf680ed934ce00bbff66393dd076b15184486","sha256":"ce31ce6181ee64d6d05347285c6b04765859159285cfd706b617e02ab2851839","sha512":"375fd38d2afd987610235da2f48799220b401b999f012bef5d83e079e3f6142bc425d5d78991f35c8df66c88999adbb165399bd5887da34d9e2c9c495d7d327d","ssdeep":"3072:PpZCDctONi+s/9M9EpUdbnP7uAj0Mc85RjRdr/qHrDIDzyiN:L64I99P5InGjRdr/qHrMDWq","tlshash":"001490038c1c8b97e52993e4bd530dac2f592b5ce9813aff05231ecb7e645265dae01e","first_seen":"2026-02-06T07:23:23.986859Z","last_seen":"2026-06-27T02:44:44.831813Z","times_seen":7073,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T12:16:46.275Z","timestamp":1782303406275,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=0,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x%2Bjh74hNgK1rzNDUUf%2BqjDCXkE%2FTO8lkK20Ki0sVVCJmiAmiCPGKQVbCbjnpl9lgY%2FW3XWa0bzQWY1i1epD6g8yKB95P1aWSAgdUQyJxFG3Y7hr7yBzyz2lgf%2FYTKmjJrg%3D%3D\"}]}\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nset-cookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE; Domain=.heodox.com; HttpOnly; Max-Age=2592000; Path=/; SameSite=lax\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10baa616c1f5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7151,"size_decoded":3336,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2283)","md5":"0ce44da5e96ddbc2a671007a29c7666e","sha1":"47e7adbb9fa2c148d701e24d9621a1b629f67e9c","sha256":"0142b3b8faf3b8aa55fcfbae8fcad9e38ee7b7f9b40cb4a28acf14f2bc57f657","sha512":"6d9c0357259a9749a85235b37d346ce0ce54df9f27243214440dbf5db9fc6c2add81fca428542d6064dbad2c594f2588e2e00073a6a404042f4e3cfb44932f42","ssdeep":"192:EUB4BfBct9RtUl78ENCC/g7FefSpGB913MCqO:EsgZ7l7Q7FU","tlshash":"ffe195b77f00992a07a39b99a8db224ca237e1078c79ddd5a744582e01c97f88473fd7","first_seen":"2026-06-06T21:26:14.93032Z","last_seen":"2026-06-24T12:20:30.387435Z","times_seen":7,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":0,"dns":6,"connect":17,"send":0,"wait":152,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/css/10dffa892f034c33.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.693Z","timestamp":1782303406693,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/css/10dffa892f034c33.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HsD7RMpCTNP5DLv4Way0H2Dg93TUUdlM%2Bwgks9GxWVtgTfpmjRhoa4Baa2P0M6XpaQw6YDj0FtQROLP3mniJBs4mqqp9jmWnZVXYokMGDEfNTegH7zZO0Mxv9CrGWOFPYA%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 163\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 14043\r\ncf-ray: a10baa63dc3c5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76394,"size_decoded":14794,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"903280523a763cf14a01eda1a188c571","sha1":"cb8e1fd73250fdd6509ce200f5215a75c6430be9","sha256":"91441a25f42db624a6ab86a8831b21a2a1f2466c4dff5f9d60596bf5c5bc2f47","sha512":"c8350ff391c334c4f5990ee6dee8b883d6158ff6fa8fd0bb5c8d3a1673b76ef3d2af75afccc76b5ba33fcbe554bb9db09202284026401b21af40704edd70497d","ssdeep":"768:91aLpv9OTdbkomfYKekdx/+dYCzEvBvwbniRXpnBv1L:91adv9qd4omfYKxb/+dYxvZwG","tlshash":"4073a6365130a13c7ae76934be98a5cc3136c592ab335bdef05abd25c1c71a73a53388","first_seen":"2026-04-13T13:34:34.68351Z","last_seen":"2026-06-27T02:52:27.346658Z","times_seen":4116,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/2366-925fc85d237b17af.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.792Z","timestamp":1782303406792,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/2366-925fc85d237b17af.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JrcfaZFYrzmEUofjT0RZ2q6wU7Mb3iGaDJBEEkXG6f7ks%2F%2BOOlQKdg6nlnL5wlg5eGoGgo3M5TqbI435ongOzyjLKogCasBLOEp0owmg65ghiOh8Ypj9mT890j0fmvsqnA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 162\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10baa647c515fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":467,"size_decoded":1014,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (467), with no line terminators","md5":"f7911660cff2a47fdbc9415ace2e3188","sha1":"3ab908a0337f5ba043a079b563d3c584521ece41","sha256":"4a2741bde36436647e2ae672eb2ef1262c83541e3d13784b48cb37b165bddd8d","sha512":"e21a40e23085dd405ca6c8473453fabc4c7df8999a472fad7a94a4f26856b2d5ebbfcae375412db956a96f92cf7f630b5804e5090ac19f22eb4b7a1022c96b3b","ssdeep":"","tlshash":"54f09e9920057c387abb4c02096e8c2a287c3572be091581e707c5a0009faf85170e9a","first_seen":"2026-04-13T13:34:34.684954Z","last_seen":"2026-06-27T02:52:27.347238Z","times_seen":4115,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5358-6b6066a7c5be067e.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.822Z","timestamp":1782303406822,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/5358-6b6066a7c5be067e.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2Mds0K6V6MPy5Dg3cz29RIWh9iIwGlUeZxSy61XaWnZ%2BHkntFnsVzWHM8nsZkYIQo9VmpZPZ%2F97tHJsA%2B6ah3RNFCy0iQW9Rt4x0RfygmPwQzDeP0iNQMZDH0jlidRYdtg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 229811\r\ncf-ray: a10baa64ac5a5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":962608,"size_decoded":230574,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65416), with no line terminators","md5":"9156598b1de03a5170a70624dfc8177b","sha1":"b3492044b8717c0f42193be8f4e8f28a82e1350a","sha256":"a766f5b00eece4fff39e14883d3fd3b1d296272714633a36d9fceb8216d72c68","sha512":"766eb2ab0245999d24dcaa587fafe34ee2312c4d10e89f6f13f8cc4269bd1af69ad6e7332d59a1b2c509a2646875092e7403a98036288c030cbcd41ec7290a61","ssdeep":"12288:xHJlmOl48cdPyBOpIwGAWA7k3ghrhanjqv:JmOl480yBOpJBhrhan2v","tlshash":"7225190ea7d473b41bda3149364e4d3fe25cb638c352d016a5d6ea7d228cce4613bb98","first_seen":"2026-06-19T17:10:47.222323Z","last_seen":"2026-06-27T02:52:27.359353Z","times_seen":2633,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/8824-ddffb509a90576a1.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.830Z","timestamp":1782303406830,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/8824-ddffb509a90576a1.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TuP8jviQnqKGvEhtToanNa8CEe1xHh%2Fc29nk1TTL1bCvibH7XUHFJ8ZZkWnMi512HJFRFBfmwhPabLMSdePUT4KquocVdEovM6YFHwqwvcyCOSe7ytgfgBSagO0q6uYy6Q%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 205429\r\ncf-ray: a10baa64bc635fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":492118,"size_decoded":206188,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"88138b1397ee14b04ead267aa44c4196","sha1":"760b927bacdf81d73a0f2084bfb3ce7a76478e63","sha256":"a2d07d31470b51490786beb8167c7fafeae5a0236cb44537c4dc8857b3c448ce","sha512":"9841fadaed80aabc013a0fdccff0b1356d14a06a2952bfc883dabd299aa5fd9a4369b504e8ac7d28f47c27573be3bb4b94b08d389d3836697c2334185931304e","ssdeep":"12288:3fB+XoxJuhu/v7uV3rIPE8zGglvb9hsm8sMQMNIYsUKwJAsTF4Xylyz+hYsUUIJM:vGgthhsnR0yF4XylryF4Xyl+","tlshash":"94a4be69da7112fdef516ac0ca177015dfe6a6936fc789e8caf6ac040bb05ce4301e91","first_seen":"2026-04-13T13:34:34.606306Z","last_seen":"2026-06-27T02:52:27.335254Z","times_seen":4115,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5917-79f62dfd025e2ed8.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.833Z","timestamp":1782303406833,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/5917-79f62dfd025e2ed8.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ohAIvDLIJFKND3Pizp%2FX%2FCE8%2F8Hit5td3oALcZlj%2FoLXR968r534Oo%2FGwWIb708XpE8xAkrnmHu%2FIAAa2YInidKtP5vqoG5evQlB06fe9Z%2BJKzwVTHV6AdVGTOTy5vwzCA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 93371\r\ncf-ray: a10baa64bc645fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1153840,"size_decoded":94141,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c9b727057e7bd1e3325cda7430d5e8a3","sha1":"7f253d66cf405fdef8f4cecc4defaeb56c4e9b5d","sha256":"9451e73254f0cab0fed2933236b1b82d476e768fe75b7e1b8be7a19c98c5fbb9","sha512":"a0a260b80f808e6674eb5fcf51d9d0bf1a304790be35430de9333892ac782769ffd84746ac14a9c44d5450ab5c200eff7de569450717af197cc278532d7a30ce","ssdeep":"12288:m9kU1wEKxHLIPrsjbDcvnTJmP0I8y/PEg3Ahkz1epv3BoKuW+xMQT1y5EVNy5EVp:mrwEQ9Oe","tlshash":"f5259b4987aa42ec6f9d6d80c607744a4fd69513aed789eccbf9be1013b0ade1311f42","first_seen":"2026-06-24T12:06:23.50767Z","last_seen":"2026-06-27T02:52:27.359973Z","times_seen":1870,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9796-477f833bec802edf.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.847Z","timestamp":1782303406847,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9796-477f833bec802edf.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tf4NEDfNb%2BdaSCYpN1HQYs5MATHn4iAMWIIM9sVq8XAuiZPljnBmDDG4x4l6ekUr90nXPgr3Ly%2FJihQwRpCB%2FelUgUNfTehWw1zHbcWMcfEy6RTNC2GdE5R%2FX%2BtrC3HEYg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 30594\r\ncf-ray: a10baa64dc735fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":261678,"size_decoded":31360,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3cd700563cd8e58c974d39b5117025a1","sha1":"8adb06045734081c226292a64b902365df367e22","sha256":"92c3493cdd4b2f4c088fc3c1aad125fee7a6efff6470de708bb5363e2c2b9e48","sha512":"89bd514505d7f05dc1d6d9124541bcc8aa98cb80bb21ecbf2ce07e05c4f9767ed6ff1f2ce6a99f5a994cdc9801fa416e5d37ef0bc5c046b18d4eb13df3a033db","ssdeep":"6144:cX68qDg+HzhjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcVQoDMEFilOHIUJW3bXlB/C1:VjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcJ","tlshash":"eb44101c8f7242edbb187c80ce4770698be586466fc784d8eafb5d244ba05ce5342f66","first_seen":"2026-04-13T13:34:34.615711Z","last_seen":"2026-06-27T02:52:27.347741Z","times_seen":4114,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/preloader.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.932Z","timestamp":1782303406932,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/preloader.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/d4dbba7cd4889f6e.css\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r85RSo2mMfpnf6otl%2BiWa%2FWsL0vDN%2FpXj9wC7uvvvzi9crwOto5sTc%2FrmGp0oAkJqt8%2BBlSGuljpA4u9lqYYF%2BHDrKu2tOAkdbTzdonN9DivlOHAU943rNp7LtxdY0lFcg%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 883\r\ncf-ray: a10baa655c825fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1652,"size_decoded":1629,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d4cf0d8e07d5ff0a22dde176b5e6926c","sha1":"bb3f41bbc80202459f3bd9a27054f855523f8ea7","sha256":"caa934ceb360955e8ef4eae0984d9ee475137fa2eee2b013586e25461bc1703d","sha512":"03fa93b18e1610abefaaeee02782234d164bd6de0d27aff61c5aa02e260d50e0b69233306e46bcabac18c6de2ce085a5859bd4ee71c2480acb0e4a719a3c5123","ssdeep":"","tlshash":"703122c04abc425cf604a6a9cf122875be1a64ce578564baf3ce9d06935805b8e0299b","first_seen":"2025-09-13T11:18:32.012309Z","last_seen":"2026-06-27T02:40:55.348875Z","times_seen":19425,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7185-909ee90aaf995ae0.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.855Z","timestamp":1782303406855,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/7185-909ee90aaf995ae0.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BZXCIM6wToXjaME%2BRJh4bUubh4DdknGSwaqVyPN4KQuqT2gDv0HaFPP8l%2F%2Be4yXuYT1lqp9uYMEzcR7HDRJXZ%2B92%2BmMml9%2Bz0Xp75LT6dzMa%2Bq4JIcjd3BbAeBnNiyUQPA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 192527\r\ncf-ray: a10baa64dc785fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":714479,"size_decoded":193300,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65514), with no line terminators","md5":"f872fce468fe11bc2d553d3a1cb1728d","sha1":"64f7d375570dfb04f81e3aa3e290b4e9db422055","sha256":"ba29effdc23ab00f7e5b7ee690b711c4e750ab4bd60e6892ac7b2654c7dc089c","sha512":"2ec2637d1dde4852781820a9174ab4ce112fc7cd9a84cd893520aee7d8d485e9e465ae3b1a7856959d8954c60d09d88f75d513f842af5017f62df6ffd14169ef","ssdeep":"6144:QM59C1szfrCWDw32B9SKUVG1DmeSafWTnp2iYEGeuD+ji8ktmHUVYL83uS2a46G0:mO7w3qEKUVG1DmtafWTp2iPxKvN","tlshash":"e7e45d1d72c072ac17c363659a2b581ef36e596de125a804e3dac93c325ddccf13aba4","first_seen":"2026-06-24T12:15:04.841116Z","last_seen":"2026-06-24T12:20:30.390965Z","times_seen":3,"resource_available":true,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/favicons/greenColorDSGN.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.219Z","timestamp":1782303407219,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/favicons/greenColorDSGN.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Dp8BpfKEPnPYpu6I6gyq8i1vcDCxHytA5487FCngwQthHz0GmyeeWEp3rIfe3%2BBathQL0Lfwv2pdayxpu%2FW26Ek6X3F1uF9Xuc%2BktZpH3wWjNmU38vF1plWwGmqSoPTr%2BQ%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncontent-length: 750\r\ncf-ray: a10baa672c955fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1468,"size_decoded":1495,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"50679c0c5e3ed56d05c1d0ed312419a7","sha1":"f9ea27ac71a78da2d61e14b84ea77ce447920d9d","sha256":"c164e1ea36438d14fea9b88996d154275a4c92fd80bfa082c7e00a343f241147","sha512":"163d4097d60ecdcf58cd01ea828e74491b0e27fcf3d40a2e7c56e6c90042d6d9a9b6cb18825052caf8799836ad35a44c1c88ffd2c35ce5d888d23716c27dd0f4","ssdeep":"","tlshash":"a4312e9e77fea185f448e7f8023999b932d36cd33a04d8282bc00c02e98091e9c9588b","first_seen":"2025-09-26T11:40:39.971586Z","last_seen":"2026-06-27T02:40:55.333262Z","times_seen":19416,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/holiday/hat.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.714Z","timestamp":1782303407714,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/holiday/hat.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HpqsfqU2WBHTnqWI6ml81JVQCQevo%2FQ7ppSvtQ2zkOB1fUKTepEOPR%2FTJPFqqzr9mb7E5NetdchV3X%2BRgfCAL6gKcMhhjO%2BQJAF9XEqIwZ0HYKzaGbY9XxKonH6yzFDwnQ%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 897\r\ncf-ray: a10baa6a3cca5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2987,"size_decoded":1639,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ebf4ae376fe7b0c4da02abc9a0e648cf","sha1":"74f107d8c9add6f03d767e3c60b4b10d90f9b2aa","sha256":"67cdad7bd65668f2f0f392efb2933b7ee75902995fdefba25792859e4384b566","sha512":"b3fd5d449af21db89d091f46d6399f4e446889580de88f08413222d8f2b4a66c10eb09c0c3277126884f8c86fa0ba8310edb3269b400c85ef7afeb4c22a6278e","ssdeep":"","tlshash":"4c51f0f069fc608c65460738e6be88922f2d99fbb20445497d5d2ab0d717883f98fb94","first_seen":"2025-12-07T15:18:05.826288Z","last_seen":"2026-06-27T02:44:44.82006Z","times_seen":9763,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/twq.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.698Z","timestamp":1782303406698,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/twq.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6zT0oS59tyVDb6T4M%2Fs%2FfH9LOnFHYGV%2FgMjVui7bsqoJ6fggCKRBocSS5hNHN0pLfXsksrvhkAftzad6Bz4sNO%2BWAzcZ1lMsghlsTpix4DA7TJ40lRq1fOof1O2jCKPPkQ%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 163\r\npriority: u=1,i=?0\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10baa63ec415fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":308,"size_decoded":938,"mime_type":"text/javascript; charset=utf-8","magic":"CSV ASCII text","md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-06-27T02:39:02.805152Z","times_seen":23829,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4577-b61d38b6b034d783.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.825Z","timestamp":1782303406825,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/4577-b61d38b6b034d783.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BaNyl1SurOg90Osh9eCt1y4M91bHHBlC%2BiMjmmX9Sy%2BnDoWKKkvQOiWB7H5e37UVnbVkkzV2F6D0hNnPeN3127LTBps%2BW9hgIDbanI9k0KJHBwZ%2Bl84ib7UtE4qOvSHtHQ%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 612001\r\ncf-ray: a10baa64ac5e5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1365565,"size_decoded":612766,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65494), with no line terminators","md5":"e6668d8af07f665bd6a728ea389b8445","sha1":"b44451db9a442a5be3cd3e428eae187031c8e6ff","sha256":"d66d82d7f23df37ddefc4a74bf15ca47b58e44f24171b875bb7911b865b5f17e","sha512":"cf413d7f97c7cb9a5f47be1f6d015d3cf6e0379a70e3d9e9d649a4640fea030eb4c6855f792b9583bbc963559a7a9fdcc8ef8febbca7e5d9a1c814a5ba722b5d","ssdeep":"12288:GxIYTLljXNW4D93yq3F/1hWJ24cvYkwl/eH3q0kCwI3UxrfZfM6A333xJUgHAsA8:3/cpXlKxUvBIVV/7x6XoG","tlshash":"4825601c8e6641edaf18ac81ce4770658fe2c6422fd785eddabbad204fb018f4351e65","first_seen":"2026-04-13T13:34:34.653552Z","last_seen":"2026-06-27T02:52:27.344015Z","times_seen":4098,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3083-d0071871f85c1c39.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.836Z","timestamp":1782303406836,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3083-d0071871f85c1c39.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qwh2cczobIfCuRaWVHIM7%2FF8bwNrYRGugF90rUJXQu9Xty8%2F0Csru8Zjw39mUkGt0b0EvpZ0%2Bgq%2FoHQMsurC50zr2w7h%2BSBPurO1BNGAySrfOIbupdSGCEeaI7LA%2BQ7igA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 37112\r\ncf-ray: a10baa64cc665fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":140858,"size_decoded":37880,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65178), with no line terminators","md5":"1e8736497d50701fd7e98b6af046968f","sha1":"dbfea11666fbb04bc71187a259b4318e935577c3","sha256":"f2bf0ce31e01e02feea9a6dba28d4318ce7e060806dc0c8e3a312b86a47bf163","sha512":"27ca329911a680c2a0654f53c3acb9846e41afbe86166bc73ee90c4f71aaea53c07bd3c3fe30a058e58154e9ab721f0238fcb7d087b6cae9a0313a6cabcd3aba","ssdeep":"1536:9wnbMGYAkPeRRJ0u4fU5g1+GoDJy+N0jPkV/KtXcUN3tadBZx4fH+dMxteMSVgvM:9wnbvvg1+lhN0wBDMxOig","tlshash":"84d3961600c827b52b677b25265acc0eb61bf23dc7429924b694c43b168edd461bffec","first_seen":"2026-04-13T13:34:34.639501Z","last_seen":"2026-06-27T02:52:27.331558Z","times_seen":4113,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9338-742398fd846a71c9.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.838Z","timestamp":1782303406838,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9338-742398fd846a71c9.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cvCpTvMYwg8RuYyX5cR3zbV8ZEp%2BubQ1twmizbq%2FLcakVfLyu0apGpsO6CsDvYsMyU4Y8jwSxqIZVEY4ysnjRAc%2BIjumVPcM0qKSI6hjTfDpPZUt6d0Bsk8gwqlOzhQKNw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 253412\r\ncf-ray: a10baa64cc685fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1139216,"size_decoded":254175,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65360), with no line terminators","md5":"2b7b624a172740e15cab5bd742b040bb","sha1":"da4b4cacd38c8411c2757bab503b1e94d1387a7b","sha256":"cb81d12e10e97c97c29822437065aa8d5f2d0f71bed71df7e3b7d0125748046a","sha512":"8bf9e5dd6e8f41fc826a2788a73af7606876d14264892701adfc106ded698bc0b49037f06f9be77334cc5b34d939e305d98a4768e334e49b59966afeba39efe9","ssdeep":"6144:L+pzOk0ScZvzdjztsaAsU3Z2apIqOl4q58oLDmWNiWRSMGiLAlsrJYtkAgScxmPQ:ypzOZxRLLD3iWRSM9LAlsr1TxmBY3g6","tlshash":"ca25a456008827922bb37695269bdc0fa41ef12cc743c465b692c57e26cddc8a27bfdc","first_seen":"2026-04-13T13:34:34.662133Z","last_seen":"2026-06-27T02:52:27.363589Z","times_seen":4075,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":55,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/6544-b0711005848a5ae1.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.841Z","timestamp":1782303406841,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/6544-b0711005848a5ae1.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I5%2FNZf5%2F7eXYGjcCHnJMFvEd1E%2Bu5BfUlkOCjmBoPmRQ4CwLWNM0KldzviBmh3%2BS1vd1Y%2FOGyV9MhadwcAMbrGUmGoq77Im4cBJQNR2rfWDfXACJB4UMi3bA3Jm1XQUe4A%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 192136\r\ncf-ray: a10baa64cc695fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":932011,"size_decoded":192903,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35586), with no line terminators","md5":"39a5893ca0e9dde921d815faef0cca25","sha1":"bf860904497bd9c873fbc6c44eff66b61d990a44","sha256":"69a245030c2015ad280eedf3d0e5c896f8672d6803277ee2b15aa20e24595450","sha512":"439a73175b07db2985b9bc16ca9a6b5a029a041d3285e4c6c6e74e3749a85c41cd2db6a0999dd0aad865f389558e77a38bd1e42f36a27d3ee02a6731b9cbfc8b","ssdeep":"3072:LxF1G4zn2Qbx7Lg5H+vCWpduOhWr8BqUH9d8YFdNWRmfewJTLiAezha1h5L2iQfS:hO459yOCd8/qGwUM3qMz74SIxTrt","tlshash":"3a15321cc778b7b12fed398936490c3fd66db570d7a202566994b3fb1088ce0506abda","first_seen":"2026-04-13T13:34:34.701686Z","last_seen":"2026-06-27T02:52:27.356566Z","times_seen":4113,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9564-0cf3b4f099c86954.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.852Z","timestamp":1782303406852,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9564-0cf3b4f099c86954.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yTnw7u9bBM88GcBXAka7ctwWhYgSxVOxqIJAqKLtsHQeELFMhQFPnWE91y96cEx1xz8wxVC7689DU%2BW9VY%2BdYp000xfkSGnO29CgnqHN%2F07aLCPY12TUANze%2B0QOge6MBw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 18103\r\ncf-ray: a10baa64dc765fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61557,"size_decoded":18867,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57043), with no line terminators","md5":"f1133f31f38a7764ffc9bd1b3df097e8","sha1":"d5d2b6cf4dec8e50720d6754d015bc4736f6c72e","sha256":"5aec2933ae085f9a1203fac9a6a05a2dbbb5a4e92ceb66b1124084dae588afbc","sha512":"abfc85e1473134449c3ebe247ad09931b39c01a2b43e65ed5f863b30b2d791ee25b24d9335cb778771683c3ba87d996ddbabd6668d089e932c3e8d57d92cac20","ssdeep":"1536:sAvhk/n1ED3wnpzktrXFlnEA8aqLE4++E/NL7:sAv6/n1cIzk9FlnBCLE4++E/N3","tlshash":"9d531c8cf3d4f2a927e670ba283f1c3bd12e7a34971990645794e6b42549c885233bf9","first_seen":"2026-04-25T11:58:25.658808Z","last_seen":"2026-06-27T02:52:27.351295Z","times_seen":4101,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/index.html","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.916Z","timestamp":1782303406916,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://app.heodox.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VHsVbS58rpH20budvHMWeFfeJY5HTJOS4eXjwZ%2FeVzNK4xyD5jOw%2BmEffvARJoZ9%2B4TayxAnszjAaEuFsMovwKI9Fk%2BBkdNAuBUVS9G48Q1ffBBxkJlPmVY6nCrRGqohlw%3D%3D\"}]}\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10baa654c7f5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7151,"size_decoded":3002,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2283)","md5":"0ce44da5e96ddbc2a671007a29c7666e","sha1":"47e7adbb9fa2c148d701e24d9621a1b629f67e9c","sha256":"0142b3b8faf3b8aa55fcfbae8fcad9e38ee7b7f9b40cb4a28acf14f2bc57f657","sha512":"6d9c0357259a9749a85235b37d346ce0ce54df9f27243214440dbf5db9fc6c2add81fca428542d6064dbad2c594f2588e2e00073a6a404042f4e3cfb44932f42","ssdeep":"192:EUB4BfBct9RtUl78ENCC/g7FefSpGB913MCqO:EsgZ7l7Q7FU","tlshash":"ffe195b77f00992a07a39b99a8db224ca237e1078c79ddd5a744582e01c97f88473fd7","first_seen":"2026-06-06T21:26:14.93032Z","last_seen":"2026-06-24T12:20:30.387435Z","times_seen":7,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/mix/landing_girl.jpg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.720Z","timestamp":1782303407720,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_girl.jpg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZLVWApUDCnn%2BL4yGt2wUr2Mfi2KPElN9UJmrxRac%2BvBkneMiphUkA9ySwEVoSuowMVAj4dUfzdfSFcBbmlDSm74tHZ968pgkuURxWO2F9xdLOqilF8KDielojf0DJFjq3g%3D%3D\"}]}\r\ncontent-type: image/jpeg\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 75067\r\ncf-ray: a10baa6a4cce5fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78517,"size_decoded":75804,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1184x514, components 3","md5":"8d25c1c54ad4e4fda7a046718150d345","sha1":"040d0a141110b4931b44882a4a7f684c1d88ccc8","sha256":"396fd7d00555a14daf95d589cb71ca04832cb73a1f4d7526dfe1230cf289d24a","sha512":"55594743a12b9482a937157f0e70d6b72938d8ef197ba4592fb0be93af2aeb2c637a17bbf74a269a3074cf9dc5a95ffb86ba0b5580b0a7fbd353eb863369e0d8","ssdeep":"1536:5UoMN6p0PBEXSUrkj4srs72ZEsEsKuU/jfT7OxIlp:TMNw05cSUrUrAjvu2jQSp","tlshash":"2c730247ee4840f69c1d4cb47c961c6e7f602aad2d725a0d3b124ec52bc3b8aec7e456","first_seen":"2026-02-06T07:23:23.951452Z","last_seen":"2026-06-27T02:44:44.807307Z","times_seen":7070,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/2643-f0046750557ecfce.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:46.835Z","timestamp":1782303406835,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/2643-f0046750557ecfce.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x3yvYLjlHgCYm3uunjebgZp73fOazFL45Ct9IpwUBHvB1AEosYVaBXTP5BvbU6KwiVmGQFJyxN%2FnIsoFy4QT1K5gVspiucwUuLhaCnVPjP7mNh1ETPuB51GkzZV0kW%2FjAg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:16:46 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 71174\r\ncf-ray: a10baa64cc655fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276387,"size_decoded":71934,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65438), with no line terminators","md5":"22e80ddc9f6a618a74ae2024b1368d41","sha1":"92a5cb5a65b6db5e9fe377f30c867d91395fe65f","sha256":"cebfb1f5431b46b051bea9d7bb688099a15ae2d0bc9d906fad0678294dce11eb","sha512":"96d815f6d514ef47fafeed39af74b87f862781c464d29d2983b0b580da47867a08fe38b8f4cec9a32f181dc4174b981ade00e3b797cc8cdbcb48a0e7446a071f","ssdeep":"3072:lhsm2vphspSZ5qYHGKTG2Ucav/sLJ7T8Z2KxTofh5p0yEdQ8IeCp5+V0z0DLdD3K:Q3koZ5XG5sdSqfhwyEGASNBpH/","tlshash":"83440c2769c4127c2bc362569d675e4ef35ca918e215b419f3d7ca3d338c8c4b13aba8","first_seen":"2026-04-13T13:34:34.673947Z","last_seen":"2026-06-27T02:52:27.335777Z","times_seen":4115,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/api/v2","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.345Z","timestamp":1782303407345,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"POST /api/v2 HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://app.heodox.com/\r\nauthorization: Bearer null\r\ncontent-type: application/json\r\nContent-Length: 165\r\nOrigin: https://app.heodox.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nx-compressed: true\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=idLXqXiTkPutqFNWti4uxfVgfyuuXatyFpZYzb4S%2FQz0wEBz%2FSocfuBS2%2FUoS9bWIyKlGuYlEkhGIIN%2BB5n%2FFrNFg9I1wa2AI92qkDvVNVfq2Hm9VRkLNORkvy224eLk7A%3D%3D\"}]}\r\ncf-ray: a10baa67fcb35fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":141,"size_decoded":774,"mime_type":"application/json","magic":"JSON text data","md5":"560eb8efe392acfb72598c464fa22f4b","sha1":"8f485be297b058e9638edc9f4a8fc8ae836e9581","sha256":"8fbfbfdbdddc2b830ca1c05aac16fe996a595726161839097abe5115185810fa","sha512":"e571faeec3c4ca1f2797da27f3fcac01ec119e29c4bdbd5c587967f0470baf1a24d61b803eeec33f8941848885044c8440d014cf0fb1640a842088c8c99ae122","ssdeep":"","tlshash":"85c08c68aa0811c622224ac0518341920006a9432be03ec58aab8052ca90a618642e89","first_seen":"2026-06-24T12:17:59.153154Z","last_seen":"2026-06-24T12:17:59.153154Z","times_seen":1,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/stat2.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.834Z","timestamp":1782303407834,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat2.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2f7RRTp6OJ7fO2l97E050NG8R9oqos6eImrgE0nJC%2Bakn12RVpJ7pLae76iD7fWn535GRn1ZRl1wXFI4KCka%2Bn%2F2u0Up0irXOgM6%2BnDSWWti%2But8GhRhEFWmD5h7bS2%2Btg%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 2008\r\ncf-ray: a10baa6afce55fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4012,"size_decoded":2755,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5cbab71b6d96ad7f65cb930bb401ba68","sha1":"48996ecb2d0d7d9c1ecd4ccf994b9a24dd52ec6f","sha256":"a1c783e7030d327da610a9c36e0359b2e07573771468225ac6a6cd3c2d7bf12e","sha512":"5e70c60a35359b551d6009e1f63ebef5911c29a63d89ec24225f48c7f20d33982b1f0353cade31e7f541d3df5d534984b6c69379373d086a7e1c5adf536eb780","ssdeep":"","tlshash":"3881d5d82bf585e4a2869be3df01582c3d0790fa2ec54840f39c6e682f55c7dcd128ca","first_seen":"2025-09-28T21:41:24.398473Z","last_seen":"2026-06-27T02:44:44.795259Z","times_seen":9432,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/pt.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:16:47.885Z","timestamp":1782303407885,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/pt.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AS4dwgUji8AzrCDelMEJOBfKW--1azbG21sdIE0cEn0WMNASD7zCIASF3xG2cdlH6RdDLY8A5YWoZp4_oYJfJ-kdto8wfmsuUBaG06-OMT52JbWuJPQBMvoz8mCjTqrBgTTY05F-uQ3wyX_yfSdrfP1p17L--yku-og61Id0EprykVGqvtqPt5WSQ0uhrW-6Xb7wEsgseWQncRY6PHW2AYudW9Fl57xBKI7RIpH-0m3jFkE\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ohVL91VA2Y7B8d5FRvet7PQpStRKfdVtAJuXhtLrsAHQn8fAifbJWd1MbzCRUrpCoOT9azVn3ZcvbVRlc%2FljxCuNrN2BBDeFVM91geUeQkKXP8CSEKF1cMH%2FCqVMzOFJIA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:16:47 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 162\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 732\r\ncf-ray: a10baa6b4cf05fac-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1445,"size_decoded":1470,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6e9db125513715df3ec213f701b912d8","sha1":"f0fbb6a6e5b7a068d28792280f397a4b879deeff","sha256":"3054e3bbce0d049b0ab3d157a16b24f7a572a7a45e73d342e3b7b8d5f28f0a4b","sha512":"06c04e06e44b97fc2b4379173dcaa7003f3cc5ed58db1697e0934f96878fc16928e08eef9a0be085cafd61b545718da8e8a7d8b456b57b194a51c1e22128c775","ssdeep":"","tlshash":"4a3174c9a335b0c24a17cfa87f2ef3c2044a67f8291c9884708ba90c3955bcdbac4d00","first_seen":"2023-08-14T20:47:06Z","last_seen":"2026-06-27T02:44:44.801594Z","times_seen":10147,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}