r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4822
Expires: Tue, 30 Aug 2022 22:40:34 GMT
Date: Tue, 30 Aug 2022 21:20:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 20:26:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DhKs4e-3Zi-PJ7T2B-NdSwIw7m9ovX-YTwplliWOSaTykXZylnSHoQ==
Age: 3250
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ugaQQjioUI3jfdSVDKNC_8rrq6vCjs-vEdLOKYwlPiAPGanlFlBqMw==
age: 81854
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 21:20:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 30 Aug 2022 21:17:12 GMT
Expires: Tue, 30 Aug 2022 21:28:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ja80iLV1rr7a-NWOSqha6Z4MoqhJNWXjH8LITEG_e6GEcNTPFYfmMA==
Age: 180
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f67e41cdd7e5f2aa8f93d031979c9109
5f4c0093f9bf8f8e48e0d7f56ed31aba0c6f43f6
608e2b7d208977f18da12165c9eb1539656d7754dc49f3f687736151a4810e06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2694
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:13 GMT
Last-Modified: Tue, 30 Aug 2022 20:35:19 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.46.140101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.46.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TKLXeTmD7u21ZKsGxutD4Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0B7eEj/3SBBFUzzxT++7u5b49t8=
hegodev.com/tds/aietqu
184.168.97.137301 Moved Permanently 0 B IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /tds/aietqu HTTP/1.1
Host: hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 30 Aug 2022 21:20:12 GMT
Server: Apache
X-Powered-By: PHP/7.4.26
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-LiteSpeed-Tag: 6ff_HTTP.404,6ff_HTTP.301
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://www.hegodev.com/tds/aietqu
Content-Length: 0
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 30 Aug 2022 23:24:52 GMT
Date: Tue, 30 Aug 2022 21:20:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 30 Aug 2022 23:24:52 GMT
Date: Tue, 30 Aug 2022 21:20:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 30 Aug 2022 23:24:52 GMT
Date: Tue, 30 Aug 2022 21:20:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 30 Aug 2022 23:24:52 GMT
Date: Tue, 30 Aug 2022 21:20:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7478
Expires: Tue, 30 Aug 2022 23:24:52 GMT
Date: Tue, 30 Aug 2022 21:20:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91310bc1fb5ae0efa502a9bafe046399
ec2a4baf0a21c1738a541d89756cccd6f3bef5fd
5fe0511116c6bd2d6e668c69764905c3a5c93fa23a4dc207b0f4b1604783ceb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5925
x-amzn-requestid: fa7479ef-c5db-45ce-a973-a8831df14931
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpS-ZFH1IAMFsFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d31f5-1a9b0a43065d731b4cc61ed3;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:39:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DBxGjmVUCTjHUrOzLWp37FwLUUo_5CykjgxAeCAaw1TlodWSmbnCrA==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:46:33 GMT
age: 84821
etag: "ec2a4baf0a21c1738a541d89756cccd6f3bef5fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4aa2a22c2851d082acd55c1c9782cee9
20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e
d0d6a3cc781786f5377191e2b1f3495ac76f4f8af7c56291f761a49a167b8726
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8684
x-amzn-requestid: b1f808e9-a765-453f-a7cb-2054d3dd45e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTRyGxKIAMFXkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d3271-79de3e365428be651400d407;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ciFN36F5h8hh3JPmeHR2WtZQcb4F1OUZFUnwntZfTwgST3EkV9Vy1Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:52:03 GMT
age: 84491
etag: "20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87425d52d274ccbc12298aa7a47395f2
b2866f84f93b73d97e9aecfa2293ff47131b6d67
2284c74b04493c7a67907b2477bac252832f3550c6a7e57c221abefc45a12549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd073058d-a781-4fa3-abd4-05363877c306.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8478
x-amzn-requestid: 99612ef5-edb6-4e49-87bf-6ecd3071f5de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpSwNG0IIAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d319a-58b190387602d9643315f916;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7lkRCgMl7VuI6UsFWnL0VCvy9XZ-Du8MJZS7HWzmr6S88CjzENGurw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:50:47 GMT
age: 84567
etag: "b2866f84f93b73d97e9aecfa2293ff47131b6d67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e0dc790ca607928d609e38f37c012d0
9d37dd425e3319fbb4248718f58371b43d513ce7
7f8ce6d77cbb4be87fb06ffd8f72ae997e006b933382c44b8b4e0a61743f24e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11042
x-amzn-requestid: c92cef27-0a2c-4f5e-86b7-eafa048932b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XgUlVFdJIAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63099aee-794a2c5c54fe181b5756e5f6;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 04:17:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fvJwRvwqtDt8pEe0MbuB8LqAxniGu2ERfWbJc3wmKqhvQEEAVm7y7w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:36:01 GMT
age: 85453
etag: "9d37dd425e3319fbb4248718f58371b43d513ce7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82bc1c69018845280d29653d6b2d6f8d
0c122f15422cab7ee3461e8fa657183ae54adcc5
e221638eff281c27ef4656f76e64963718186285c57e50a8958bd3065e662674
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9980
x-amzn-requestid: b9f6b930-9c47-41b9-879d-ce239e39f033
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTMGHlNoAMFuoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d324d-72ea52c010dff34438bbca28;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: orq6ucCez7UBzTSPTyJR8u8ZYf1VOV_zPOLsJFvGD2jfiW0YJmxVSg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:47:30 GMT
age: 84764
etag: "0c122f15422cab7ee3461e8fa657183ae54adcc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f9132960db725a095b0db1773dc6f69
bf1d4347e1641da5aebe6ae438c0431232ae6242
0e0b84df674d48517a04819604deb555c904518f093784691de4914b6ddb9e9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac04243-b8b9-46aa-ad1f-285d333e6c88.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10672
x-amzn-requestid: 9044b578-ffc7-4890-a16f-bf6d5e242f46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTWcEUnoAMF_UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c65c2-4397932f1417f6ab2463c4b0;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:07:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vqHJR_zF8qR54qyIPx-Dqsh6kwjgRmcSF8imM4PLacc4PjhyxvI6ww==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:44:52 GMT
age: 48922
etag: "bf1d4347e1641da5aebe6ae438c0431232ae6242"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-154422125-1
142.250.74.72302 Found 255 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=UA-154422125-1
IP 142.250.74.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b0b7be4775c9e6493b240aeaff53cc7f
228debc297de26213a28ac0691cfd6659f3358cb
44432bc7db6cbbca0857a975f6c910f69631df6dcb7bf31469655e2d39a7ec65
GET /gtag/js?id=UA-154422125-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=UA-154422125-1
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 30 Aug 2022 21:20:15 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 255
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fe244465a99d48f257a3dda7ab28c6b8
69c89374520ca54adda7fd15ccb069def5fb3663
8f9938ffef09d02563d617ac9ff1ce97b05c5bf52b64f6724b9f19a5e90965f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fe244465a99d48f257a3dda7ab28c6b8
69c89374520ca54adda7fd15ccb069def5fb3663
8f9938ffef09d02563d617ac9ff1ce97b05c5bf52b64f6724b9f19a5e90965f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0982b9e784a0a990d6318c92e33860a1
764377c393017e86d98a696da455509cba1806ac
27a19ec4ca0a052faface8ad45dca4d9a4a739c658d10f0e693aea065bdc607f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-154422125-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-154422125-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 486ea2e2b56063789a26402316d6d830
e6ae9de725e7b9ea3c5b99d64932000e5c0a3b05
724b607ef039ae6a361e5cf291903ff63f8dc498de4e6b3e9833fb924e14109b
GET /gtag/js?id=UA-154422125-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.hegodev.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 Aug 2022 21:20:15 GMT
expires: Tue, 30 Aug 2022 21:20:15 GMT
cache-control: private, max-age=900
last-modified: Tue, 30 Aug 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fe244465a99d48f257a3dda7ab28c6b8
69c89374520ca54adda7fd15ccb069def5fb3663
8f9938ffef09d02563d617ac9ff1ce97b05c5bf52b64f6724b9f19a5e90965f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0982b9e784a0a990d6318c92e33860a1
764377c393017e86d98a696da455509cba1806ac
27a19ec4ca0a052faface8ad45dca4d9a4a739c658d10f0e693aea065bdc607f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hegodev.com/wp-content/themes/bosa/assets/slick/slick.css?ver=6.0.1
184.168.97.137200 OK 1.9 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/slick/slick.css?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash b06073c5a23326dcc332b78d42c7290c
64e6c5ff99f14c65752e0322234160f8e83fc6c2
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/slick/slick.css?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e2862-767-5e4d4065d3faa"
Accept-Ranges: bytes
Content-Length: 1895
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: text/css
www.hegodev.com/wp-content/themes/bosa/assets/css/slicknav.min.css?ver=6.0.1
184.168.97.137200 OK 2.5 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/css/slicknav.min.css?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2414), with CRLF line terminators
Hash 73aebdebcb3f022385f46a52cbdd380b
8035b752f76ff51b3873a553d995a2966b0e07a9
e70db408aa0bb9d4602dbb85f043a506b7ea06c185348503e6fb280472446c48
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/css/slicknav.min.css?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e281f-9cd-5e4d4065d300a"
Accept-Ranges: bytes
Content-Length: 2509
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: text/css
www.hegodev.com/wp-content/themes/bosa/assets/slick/slick-theme.css?ver=6.0.1
184.168.97.137200 OK 3.3 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/slick/slick-theme.css?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash bb4dfbdde8f2a8d4018c1f0293a03483
48124e11e67a0721e4f080d170a111274b44a237
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/slick/slick-theme.css?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e2861-d15-5e4d4065d3faa"
Accept-Ranges: bytes
Content-Length: 3349
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: text/css
www.hegodev.com/tds/aietqu
184.168.97.137404 Not Found 92 kB URL HTTP/1.1 www.hegodev.com/tds/aietqu
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39248), with CRLF, LF line terminators
Hash 611cd140ac64d9ab66eb93803c3c9ed4
c4b15f6581d058d76201e617e4cbb83f3c0b4e5f
e91355e426c016a7bd5855ece4fe72696836ce1915aec0f76d13bd02c525fc5b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /tds/aietqu HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Tue, 30 Aug 2022 21:20:14 GMT
Server: Apache
X-Powered-By: PHP/7.4.26
X-LiteSpeed-Tag: 6ff_HTTP.404
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.hegodev.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Content-Length: 91485
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
www.hegodev.com/wp-content/themes/bosa/assets/css/blocks.min.css?ver=6.0.1
184.168.97.137200 OK 9.1 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/css/blocks.min.css?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (9062), with no line terminators
Hash b9ac283162ab442e47c2a93644427dd9
81dc52bfc6a2423e1311ae5b19d181f67c2f2f63
5d6cfb1c0fc2369b1431f4d9335330813b754091270fe249fc77875e7f8cac53
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/css/blocks.min.css?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e281c-2366-5e4d4065d300a"
Accept-Ranges: bytes
Content-Length: 9062
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.hegodev.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=670
184.168.97.137200 OK 12 kB URL HTTP/1.1 www.hegodev.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=670
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (12498), with no line terminators
Hash 5379f8e7d63c4a22411b123b0beb6c4e
c92aaa0b2e05c32e9378bd8b20d90c951f4278fe
ac8ba41f2ad11b9f60654e4550ab7a47ee85f4cb9dd50df9f362081ad5cd8a7f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js?ver=670 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 28 Jul 2022 02:08:33 GMT
ETag: "1059d1-30d2-5e4d402ba7d82"
Accept-Ranges: bytes
Content-Length: 12498
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: application/javascript
www.hegodev.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
184.168.97.137200 OK 1.8 kB URL HTTP/1.1 www.hegodev.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1626)
Hash cd0eb3406096ff80266e7c9d7d419186
0e3709691bf96233766de30e2fd473b84166c5b6
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 18 Aug 2016 18:55:30 GMT
ETag: "125b86-71b-53a5d2030ec80"
Accept-Ranges: bytes
Content-Length: 1819
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: application/javascript
www.hegodev.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
184.168.97.137200 OK 19 kB URL HTTP/1.1 www.hegodev.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
ETag: "125bfc-48b9-5dc6eb878efc0"
Accept-Ranges: bytes
Content-Length: 18617
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: application/javascript
www.hegodev.com/wp-includes/js/masonry.min.js?ver=4.2.2
184.168.97.137200 OK 24 kB URL HTTP/1.1 www.hegodev.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (23966)
Hash 3b3fc826e58fc554108e4a651c9c7848
76778fd446e2ff2377588a7b4ac4d79f258427c9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
ETag: "125bfb-5e4a-5a7fbb57c37c0"
Accept-Ranges: bytes
Content-Length: 24138
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: application/javascript
www.hegodev.com/wp-content/themes/bosa/assets/bootstrap/css/bootstrap.min.css?ver=6.0.1
184.168.97.137200 OK 141 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/bootstrap/css/bootstrap.min.css?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65319), with CRLF line terminators
Size 141 kB (140942 bytes)
Hash 62907ef14a08ac2199b60610b616d0e5
7ccf464455d57e73be3acf820ba77ee92ad4fc13
3beb48429a842d5c330b9b4cc0a518652e1eca16121f40bdc1d4c41e4ff1a08c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/bootstrap/css/bootstrap.min.css?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e2811-2268e-5e4d4065d2c22"
Accept-Ranges: bytes
Content-Length: 140942
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: text/css
www.hegodev.com/wp-content/themes/bosa/assets/font-awesome/css/all.min.css?ver=6.0.1
184.168.97.137200 OK 59 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/font-awesome/css/all.min.css?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (59158), with CRLF line terminators
Hash 2b02a32c605d3ffa28f515e2d1bdec06
5de3c5c17420e859099fcdd6171fb1de120a7784
f6d1a8f876519eb7886b39c712c34bf11301da28736c79accc6bb1de6b5cd829
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/font-awesome/css/all.min.css?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e2808-e7d4-5e4d4065d283a"
Accept-Ranges: bytes
Content-Length: 59348
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Content-Type: text/css
www.hegodev.com/wp-content/themes/bosa-business/style.css?ver=6.0.1
184.168.97.137200 OK 3.6 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa-business/style.css?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1023), with CRLF line terminators
Hash 446c072be734dfeef92c6c0fcd58d3e5
6f6887ed8ac4c15bd62c83e851269ee9460b54e7
1e0e4ed341871efecdc00fcd1a0dc831bca813601bd9a5f513fc7f874a835bad
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa-business/style.css?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Last-Modified: Fri, 15 Apr 2022 11:47:32 GMT
ETag: "e3f67-df4-5dcaff9d452af"
Accept-Ranges: bytes
Content-Length: 3572
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.hegodev.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
184.168.97.137200 OK 89 kB URL HTTP/1.1 www.hegodev.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Last-Modified: Mon, 04 Jul 2022 12:10:37 GMT
ETag: "12535e-15b64-5e2f99fa9e940"
Accept-Ranges: bytes
Content-Length: 88932
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.hegodev.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.7.0
184.168.97.137200 OK 12 kB URL HTTP/1.1 www.hegodev.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.7.0
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1577)
Hash a76f61318af036823b08d73536486be6
31ff9b215dcef9151b9f4fc50ea91a9df1962102
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.7.0 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:08:38 GMT
ETag: "105ac6-2e7a-5e4d403037d5f"
Accept-Ranges: bytes
Content-Length: 11898
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.hegodev.com/wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0
184.168.97.137200 OK 31 kB URL HTTP/1.1 www.hegodev.com/wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (30429)
Hash c97c3824a8d6c5eb936727310d68fe87
f531d8edfb5d3178a7281d5d30d398fb3712d8f9
03dd4b22b7c6c6841f1df803d60d9a56a0b794c8f28b71705dfbb4ad052538d3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Last-Modified: Mon, 10 Aug 2020 12:46:25 GMT
ETag: "e4836-777f-5ac8557aaea40"
Accept-Ranges: bytes
Content-Length: 30591
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.hegodev.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
184.168.97.137200 OK 11 kB URL HTTP/1.1 www.hegodev.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
ETag: "125b85-2bd8-5b45debe27b80"
Accept-Ranges: bytes
Content-Length: 11224
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.hegodev.com/wp-includes/js/imagesloaded.min.js?ver=6.0.1
184.168.97.137200 OK 5.6 kB URL HTTP/1.1 www.hegodev.com/wp-includes/js/imagesloaded.min.js?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
ETag: "125be7-15fd-5a7fbb57c37c0"
Accept-Ranges: bytes
Content-Length: 5629
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.hegodev.com/wp-content/themes/bosa/assets/bootstrap/js/bootstrap.min.js?ver=0.8
184.168.97.137200 OK 51 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/bootstrap/js/bootstrap.min.js?ver=0.8
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (50758), with CRLF line terminators
Hash e47a9d976663a4ce4db5961af909eb58
12ca7264086b9e543605395947c6671edde9ac80
4f3faeec469294b610f6ca82aa1cc2b3368fd56611b31c551c2ee224feadb411
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/bootstrap/js/bootstrap.min.js?ver=0.8 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e2815-c765-5e4d4065d300a"
Accept-Ranges: bytes
Content-Length: 51045
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.hegodev.com/wp-content/themes/bosa/style.css?ver=6.0.1
184.168.97.137200 OK 169 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/style.css?ver=6.0.1
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1137)
Size 169 kB (169101 bytes)
Hash 3726e31b75bcab2c0a3892d61f00a1ab
974b80cc4488b3e6cfa5f39630cb31b58748e91f
a04395f2c7b446f33049cfe1ecddb0d9a1430889e2405bd89de47a073b92509f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/style.css?ver=6.0.1 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "12338a-2948d-5e4d4065d0ce2"
Accept-Ranges: bytes
Content-Length: 169101
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
www.hegodev.com/wp-content/themes/bosa/assets/js/jquery.slicknav.min.js?ver=0.8
184.168.97.137200 OK 8.4 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/js/jquery.slicknav.min.js?ver=0.8
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (8320), with CRLF line terminators
Hash faf3fdf912d0f77654f4e1b7f2e5f7ad
e7c2085507cf04d23450e1f82f053c333d84c349
7ee0bff42f17216e2d179773df183332a565a866a4b67eaeed1546111d4f283d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/js/jquery.slicknav.min.js?ver=0.8 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e287e-20e6-5e4d4065d4392"
Accept-Ranges: bytes
Content-Length: 8422
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C400i%2C600%2C700%2C800%7CPoppins%3A300%2C400%2C400i%2C500%2C600%2C700%2C800%2C900&display=swap&ver=6.0.1
142.250.74.10200 OK 2.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C400i%2C600%2C700%2C800%7CPoppins%3A300%2C400%2C400i%2C500%2C600%2C700%2C800%2C900&display=swap&ver=6.0.1
IP 142.250.74.10:0
Hash 01ceb50be67997f8c78bd8a1d6f5bfae
93294aa2506737aab6bc94698cb88fcd924258d6
e5bc6d9828bdfc916a5cdafd598c26ec0926a249d94d7c93a43eb19f4ec17c75
GET /css?family=Open+Sans%3A300%2C400%2C400i%2C600%2C700%2C800%7CPoppins%3A300%2C400%2C400i%2C500%2C600%2C700%2C800%2C900&display=swap&ver=6.0.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hegodev.com
Connection: keep-alive
Referer: http://www.hegodev.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 Aug 2022 21:20:15 GMT
date: Tue, 30 Aug 2022 21:20:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hegodev.com/wp-content/themes/bosa/assets/js/navigation.js?ver=0.8
184.168.97.137200 OK 6.1 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/js/navigation.js?ver=0.8
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash e6a77e68a6b5d22c35272e47e908af27
024ebd47521baacf5cf6d3d7cfad304c2521a5ec
d68d3f7e57ff1d6b8dc13b5b01994bd93e3a423ea98a5a81225d2e4758fcb025
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/js/navigation.js?ver=0.8 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e287a-17ab-5e4d4065d4392"
Accept-Ranges: bytes
Content-Length: 6059
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.hegodev.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
184.168.97.137200 OK 90 kB URL HTTP/1.1 www.hegodev.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:16 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 15:07:24 GMT
ETag: "125b8d-15db1-5bd3006388300"
Accept-Ranges: bytes
Content-Length: 89521
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.hegodev.com/wp-content/themes/bosa/assets/slick/slick.min.js?ver=0.8
184.168.97.137200 OK 43 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/slick/slick.min.js?ver=0.8
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (42862), with CRLF line terminators
Hash 777da4aaf5b960636dec0fd4e50ba489
9a94038ccae90e6d2a0f9cb61f79ae7c70320287
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/slick/slick.min.js?ver=0.8 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e286a-a770-5e4d4065d3faa"
Accept-Ranges: bytes
Content-Length: 42864
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa0gebelJo0.woff2
142.250.74.163200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa0gebelJo0.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 10840, version 1.0\012- data
Hash 1dfdc31ff2064daaaf92877a90bed3b8
a538ee943a4cc54748827e91b91fb5932d3fde50
f5346003928ce35756d754b207e777261fc6b226caf252f5c07e302a3ed2accd
GET /s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa0gebelJo0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hegodev.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Aug 2022 10:51:16 GMT
expires: Thu, 24 Aug 2023 10:51:16 GMT
cache-control: public, max-age=31536000
age: 556141
last-modified: Tue, 19 Apr 2022 18:13:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16696, version 1.0\012- data
Hash 851255bc75bbde5522202bc66bca47ad
aa7ef04a80507e95574269c293361d9c89d76dc1
e7cba74abd33c24cef9652915738c63c891c517e3f407d0894f11a7aec9c015e
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hegodev.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16696
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 19:31:50 GMT
expires: Tue, 29 Aug 2023 19:31:50 GMT
cache-control: public, max-age=31536000
age: 92907
last-modified: Mon, 15 Aug 2022 18:16:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa0reHelJo0.woff2
142.250.74.163200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa0reHelJo0.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 10808, version 1.0\012- data
Hash 813e62d2193672e925a80aa9c4a85696
248768195074f87fd8bee6b45e87ab265d4ce7f1
2a257de7d16cbc56379bbeba00afc1533e9aee044331ef5d618ec6db47ba103c
GET /s/baijamjuree/v11/LDIqapSCOBt_aeQQ7ftydoa0reHelJo0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hegodev.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10808
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Aug 2022 07:07:00 GMT
expires: Fri, 25 Aug 2023 07:07:00 GMT
cache-control: public, max-age=31536000
age: 483197
last-modified: Tue, 19 Apr 2022 18:08:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hegodev.com/wp-content/themes/bosa/assets/js/theia-sticky-sidebar.min.js?ver=0.8
184.168.97.137200 OK 5.4 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/js/theia-sticky-sidebar.min.js?ver=0.8
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (5370), with CRLF line terminators
Hash 9b7664fe260d1a57a13ca71507b43499
d07064a9d012bae3f256adfa7d021c40793c962c
fb242b5f299cd08ee579ad1b46e13cb235bb595dd10b03fab7dfadfc61103be6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/js/theia-sticky-sidebar.min.js?ver=0.8 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e2875-1537-5e4d4065d4392"
Accept-Ranges: bytes
Content-Length: 5431
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 21:20:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.hegodev.com/wp-content/themes/bosa/assets/js/html5shiv.min.js?ver=0.8
184.168.97.137200 OK 2.6 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/js/html5shiv.min.js?ver=0.8
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (2639), with no line terminators
Hash 3b40df82ff6a8bda5a97df7d43da8aba
2627fcb88f1b03aaa96c7ff5663c526271580414
89f280c948d1f1484534a9ddb872db305f19ce14cdf09a380362aac0ddf406de
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/js/html5shiv.min.js?ver=0.8 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e287f-a4f-5e4d4065d4392"
Accept-Ranges: bytes
Content-Length: 2639
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.hegodev.com/wp-content/themes/bosa/assets/js/custom.min.js?ver=0.8
184.168.97.137200 OK 6.7 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/js/custom.min.js?ver=0.8
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6739), with no line terminators
Hash 9f7947e2d2a685172ba89bc754533214
6de73a75e98c42889cbb745f21704ca34c9f6991
c192257b9c926c29214d7a95383645ce682da5b95c8f1feb6b525c9937168453
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/js/custom.min.js?ver=0.8 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e2880-1a53-5e4d4065d4392"
Accept-Ranges: bytes
Content-Length: 6739
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.hegodev.com/wp-content/themes/bosa/assets/images/bosa-360-200.jpg
184.168.97.137200 OK 30 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/images/bosa-360-200.jpg
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 360x203, components 3\012- data
Hash 624934584c27faf93df0f15f1ab5f7c3
ecd3df25050330a2ce11d4e1f7e8e22b2229eb95
29d4c1b20b4ed7a5c8e399e46879567e0f31f7b75205dd6355cc455382b14aa1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/images/bosa-360-200.jpg HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e282f-739a-5e4d4065d33f2"
Accept-Ranges: bytes
Content-Length: 29594
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.hegodev.com/wp-content/themes/bosa/assets/font-awesome/webfonts/fa-solid-900.woff2
184.168.97.137200 OK 80 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/font-awesome/webfonts/fa-solid-900.woff2
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 80252, version 331.-31327\012- data
Hash 9ae050d1876ac1763eb6afe4264e6d5a
72344eab2e7431eec313caa21f266cbfda7caf60
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.hegodev.com/wp-content/themes/bosa/assets/font-awesome/css/all.min.css?ver=6.0.1
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e27f7-1397c-5e4d4065d206a"
Accept-Ranges: bytes
Content-Length: 80252
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
www.hegodev.com/wp-content/themes/bosa/assets/images/preloader1.gif
184.168.97.137200 OK 63 kB URL HTTP/1.1 www.hegodev.com/wp-content/themes/bosa/assets/images/preloader1.gif
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type GIF image data, version 89a, 200 x 200\012- data
Hash 8dcded3fdd091aa5b246b71d2530bfe1
2ee3df6e0a4fe97be6b130073f1ff9ebd8c59776
a6b39aa2e4c386e851a3a62c5c2a146bdf011130b7fbf760b9fdd93cbc8354ba
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/bosa/assets/images/preloader1.gif HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hegodev.com/tds/aietqu
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Thu, 28 Jul 2022 02:09:34 GMT
ETag: "1e2849-f740-5e4d4065d3bc2"
Accept-Ranges: bytes
Content-Length: 63296
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/gif
www.hegodev.com/wp-content/plugins/contact-widgets/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
184.168.97.137200 OK 77 kB URL HTTP/1.1 www.hegodev.com/wp-content/plugins/contact-widgets/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-widgets/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.hegodev.com/wp-content/plugins/contact-widgets/assets/css/font-awesome.min.css?ver=4.7.0
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 21:20:17 GMT
Server: Apache
Last-Modified: Mon, 10 Aug 2020 12:46:25 GMT
ETag: "e483f-12d68-5ac8557aaea40"
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hegodev.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 30 Aug 2022 20:29:41 GMT
expires: Tue, 30 Aug 2022 22:29:41 GMT
cache-control: public, max-age=7200
age: 3037
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.hegodev.com/wp-content/uploads/2020/09/cropped-image-1.png
184.168.97.137200 OK 6.6 kB URL HTTP/2 www.hegodev.com/wp-content/uploads/2020/09/cropped-image-1.png
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 135 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash d00f913aa1e1765eb74ed5d4956150c2
ef2e07c16e3925f1ff81abeb19f0a78aeca57f3c
ee599d1ea592c3f277f3490e3e235f0f651ece900b0115c0ccf59ce26eb410e3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/09/cropped-image-1.png HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hegodev.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 14 May 2021 09:07:54 GMT
etag: "105cc7-19ee-5c24694418095"
accept-ranges: bytes
content-length: 6638
content-type: image/png
date: Tue, 30 Aug 2022 21:20:18 GMT
server: Apache
X-Firefox-Spdy: h2
www.hegodev.com/wp-content/uploads/2019/07/cropped-logo-1-192x192.png
184.168.97.137200 OK 16 kB URL HTTP/2 www.hegodev.com/wp-content/uploads/2019/07/cropped-logo-1-192x192.png
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 23e67b3cc8116da08956c8d4a0ee9225
fff010d8c75986622a6420e33874be87e4ada87f
8e1ce6ec05ea6a9e4d73ad7001700ad37a6822edfd0b294798c3f4d196eafbe9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/07/cropped-logo-1-192x192.png HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hegodev.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 May 2021 09:15:40 GMT
etag: "106324-4016-5c246b004e60a"
accept-ranges: bytes
content-length: 16406
content-type: image/png
date: Tue, 30 Aug 2022 21:20:18 GMT
server: Apache
X-Firefox-Spdy: h2
www.hegodev.com/wp-content/uploads/2019/07/cropped-logo-1-32x32.png
184.168.97.137200 OK 1.6 kB URL HTTP/2 www.hegodev.com/wp-content/uploads/2019/07/cropped-logo-1-32x32.png
IP 184.168.97.137:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 03822edfaa067a4256a25dce153e3635
fd87b194bd75986e279af32022d66698d9006834
2c231e7f447b515fad85311307167472c20885dc57033874bbd5ced4390248c1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/07/cropped-logo-1-32x32.png HTTP/1.1
Host: www.hegodev.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hegodev.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 May 2021 09:15:40 GMT
etag: "106322-611-5c246b0089f2e"
accept-ranges: bytes
content-length: 1553
content-type: image/png
date: Tue, 30 Aug 2022 21:20:18 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Bai+Jamjuree%3Aital%2Cwght%400%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C600%3B1%2C700&display=swap&ver=6.0.1
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Bai+Jamjuree%3Aital%2Cwght%400%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C600%3B1%2C700&display=swap&ver=6.0.1
IP 142.250.74.10:0
GET /css2?family=Bai+Jamjuree%3Aital%2Cwght%400%2C200%3B0%2C300%3B0%2C400%3B0%2C500%3B0%2C600%3B0%2C700%3B1%2C300%3B1%2C400%3B1%2C500%3B1%2C600%3B1%2C700&display=swap&ver=6.0.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hegodev.com
Connection: keep-alive
Referer: http://www.hegodev.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 Aug 2022 21:20:15 GMT
date: Tue, 30 Aug 2022 21:20:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2