{"report_id":"f838d317-73bf-4e64-8a04-4e1a0a5a0bfb","version":0,"status":"done","tags":[],"date":"2026-06-24T12:20:04Z","url":{"schema":"https","addr":"app.heodox.com/","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"104.21.93.61","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"app.heodox.com/","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"title":"Heodox: Most Popular Online Crypto Casino Based on Blockchain","dom":{"size":1071642,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (60588)","md5":"a3b728eda6b56932c4bc4d41b607d8d9","sha1":"40b0ca46761d23a182e43602294961cc4eae3131","sha256":"8bbfd76a19d116d289276cd78a37651aa6bb5b9f53c376ec7fec1b5f1607825c","sha512":"49870444c42476d065f9b362b808a274df282ae3f804a0c9e76f65759813cba73dc0034c4614fde47ae1feab164966f12a2678889656612f2e555c3b27a80bcb","ssdeep":"12288:qWJ24cvYrexWJ24cvYFSN87vIomx0wgH+vVKSN87vIomx0wgH+vV56:7/cEeg/c7NgvIh/VvNgvIh/V56","tlshash":"0d35cfb963580af4f34997ded961786832fa34ffbff58048d2162e8601a999d4d0c8d3","dom_hash":"domhash256027d961fb4f4d3674dc7184901c72","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"app.heodox.com/","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"104.21.93.61","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-29T12:20:04Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"app.heodox.com","ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-04","domain_rank":0,"first_seen":"2026-06-24T12:14:59.039208Z","last_seen":"2026-06-24T12:14:59.039208Z","alert_count":204,"request_count":68,"received_data":21292249,"sent_data":50834,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/8648-b9a24ba9b5bc0c95.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c518a3c90735027f7cf5e9ef51ba7e98","sha1":"243286f759a81ab0181dfa9e0f59e921228fe251","sha256":"17d24cd943de714ccbe4843a893186f4f9d7aa59277390480544a6008f41de2a","sha512":"611e7cddd315b0bf165c9a47866cecbcb4b7392c5ca210d60061a5bffb50af442e8648cb418bfc517e37b76c4a3f0756103a932fea6e289fcb6229a2b97f750f","ssdeep":"1536:Trle2nu/m82CFnMxwZCLVfvDzQjFY69xAq3CDQJUO9fEVJoZ1NbpGGVitgmdAYb6:TYUH821Nu95SQJxfwURk5bseKbsK","tlshash":"01e3e889f191f2fca6a224a9412f444ef22e3f4ce5255410e6f8dc083a586d9bb37fd5","size":144939,"data":"","first_seen":"2026-06-06T21:26:14.912411Z","last_seen":"2026-06-24T12:20:30.389699Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7580-1e05813e2213c2fa.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e95d3438a4d191ec149a209f2321321c","sha1":"ad5631919f911a7b20854095d4cf3b10658d364a","sha256":"764376cf71ad9d64078ab383b8c383387c50daaebed8409ce6573c4674206551","sha512":"3a4b0fdea4b4cb0a24f7005fd2f41a3473e46b7e5206716718550f868b2249856ca610de63b4c2a8a6e6113480cff06728878f0aef293c7c300276c174579336","ssdeep":"24576:K/cpQlKxQvBIVV/7x6XomFnoMBnxBqyk5QqBQqn:K/eGGqo6YmW","tlshash":"f96539298a6502fdbf596c80ca43345a8fe296137fd789fccaba6e1447b46df0301e51","size":1451511,"data":"","first_seen":"2026-04-13T13:34:34.697666Z","last_seen":"2026-06-28T13:46:09.867728Z","times_seen":4363,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4577-b61d38b6b034d783.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"41103c0b0ac58161ba21e497c169a924","sha1":"c88e93fcd1195642c4470d4016f019ccd079aa1d","sha256":"be4819967273ae5cd6b750269b38df275e7de51ed59c459e52be1a3215abcec2","sha512":"008a7a566b759f0ad50cb551e1456f93aac047c0ae8c195c29e7a590acc5cc5a447be5e6dc17109e5de66ac7dde5a1a6055e83f64fcfc296ee418150c4664491","ssdeep":"12288:GxIYTLljXNW4D93yq3F/1hWJ24cvYkwl/eH3q0kCwI3UxrfZfM6A333xJUgHAsA/:3/cpXlKxUvBIVV/7x6XomFnoMBnxBqyg","tlshash":"8355c42d8e6641fdaf186c81ce8770658fe2c6432fd785e9dabb6d204fa158f4301e61","size":1365559,"data":"","first_seen":"2026-04-13T13:34:34.693793Z","last_seen":"2026-06-28T13:46:09.863538Z","times_seen":4364,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4212-38fe49b6236c7c6b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e1ee028598eb24e7427f83baa42198b2","sha1":"29ecf0ab8deb78392a4121a31e2fb63c764ce99e","sha256":"108693690d6f21f1942f276dc1e12eef8524ccb9678e1faeda902063ab3b2f0b","sha512":"71bd29cc66d0adb5ad11cba3d95baa883771712afef080e8b1f7a9c107dd9beb2404a2c43dd616aaf717ba69cfd4786e0c801ff3d88b6d201b8156124535fbd3","ssdeep":"3072:IxvuXFqhT8pi01EOUIMdda2zZ9GFOTASOeBTny//G:qvmFqh7MEOUVL1TASOeBT8e","tlshash":"ccb33b9972d0fd9d3bf3946a8c1fa40ee2795c2ed42d710462d9c83c72599c8e136bb4","size":114414,"data":"","first_seen":"2026-04-13T13:34:34.631899Z","last_seen":"2026-06-28T13:46:09.855881Z","times_seen":4365,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4f58df8ef556437633bb90cc31469c4","sha1":"c1c713bb5046a54cb79a8e7537b6d7fca624fd45","sha256":"2dcb2e50c883929aebb7a64a7a22cfe2260d856a3c36a6926c082da19c552b7b","sha512":"54c8a79f5897cd198db689700c24f950ad7fe19eed815f8bfa0e47428701d8c84a1fd8f677a6f1b2a4f1443f35f2dbd19e6f456ceeebfb1c59275bb356e1a5e9","ssdeep":"","tlshash":"bfc02b041427c47b421c6f4dc02243d4e4b020bcdc492480801d181800d0c313b40cd6","size":130,"data":"","first_seen":"2025-03-25T18:26:20.414558Z","last_seen":"2026-06-29T00:31:45.10856Z","times_seen":48590,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3980-010af18f0f321f6b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0ebe2885d4d5b7870215ed1d746ae08f","sha1":"ececc6607c16410aa62783cea6de95557893c3ca","sha256":"68eea241c058d3a7c5cd5eb609397e4d833059221ade7f5154e9f68da97ef40f","sha512":"a14e01fe32f03659c957c6d5c9d01cc20c71308424cf842a7d178aa207358e270a9f531acc7d37e285a34fabd655ad88256cd82143dc1828eda771bc46bdbc91","ssdeep":"12288:9Fw3/38CUqBZw5AcYk0G2KVLCfEQ4HAIrBM6k18xyBByFt:uB7KFrR2BBU","tlshash":"3cb4c60ff3e4bbad26b57666be0f537ab31c2cb9d714e81496a9f0152344ca86135bc0","size":514070,"data":"","first_seen":"2026-04-13T13:34:34.626821Z","last_seen":"2026-06-28T13:46:09.851189Z","times_seen":4366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3047-780ecd63e8341fd0.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a45ff6317fa4327137123bb7bfa8d4b","sha1":"bc1ead1c1e57bc9d70d9ce61b6580fcff62dde6b","sha256":"52347ddc20c0cf9d1a0b8d9b4f7324defd9706465148f58c081f4c07848b1d65","sha512":"714d24afd1fc0a2eda39f7f9793701b61d9b29be01f251c4cbac43a76732bd29c0352d99eb68cb43e69e5670f847ea3e8b4ee9593188b64937437621993ec32b","ssdeep":"6144:fT+0+Qhv42Fh0idHSlq9p0jy79DMHyPCij6MIVs/e5rKYfxGAaXaifqUMjuTH8NT:rrfOR1","tlshash":"d3644ac871c1f4a8929361a6803f050bf23d2e2de45d9454e2a9c8d87979dcde237fb9","size":316805,"data":"","first_seen":"2026-05-13T18:10:45.788088Z","last_seen":"2026-06-28T13:46:09.846185Z","times_seen":4313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/6544-b0711005848a5ae1.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"39a5893ca0e9dde921d815faef0cca25","sha1":"bf860904497bd9c873fbc6c44eff66b61d990a44","sha256":"69a245030c2015ad280eedf3d0e5c896f8672d6803277ee2b15aa20e24595450","sha512":"439a73175b07db2985b9bc16ca9a6b5a029a041d3285e4c6c6e74e3749a85c41cd2db6a0999dd0aad865f389558e77a38bd1e42f36a27d3ee02a6731b9cbfc8b","ssdeep":"3072:LxF1G4zn2Qbx7Lg5H+vCWpduOhWr8BqUH9d8YFdNWRmfewJTLiAezha1h5L2iQfS:hO459yOCd8/qGwUM3qMz74SIxTrt","tlshash":"3a15321cc778b7b12fed398936490c3fd66db570d7a202566994b3fb1088ce0506abda","size":932011,"data":"","first_seen":"2026-04-13T13:34:34.701686Z","last_seen":"2026-06-28T13:46:09.803417Z","times_seen":4364,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/19-5bece4aba82fb776.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"499ae782218e46ba0165104a99a4ba64","sha1":"dd6335c8003db8dc40f3b6e5fd9ec389bd5679a4","sha256":"7930fcc2462bd18b8f3559392d9d610cb2a4cf2aad270fc533012c2fa8560ab7","sha512":"71885acc13827a064e0430afe760dadfaf8afacce9f7dabc324d265d126140a62d9baac56cb09e1725cfedc955eba79c0828bd9891ee524aa7d19448c1557aee","ssdeep":"12288:EW2sqZNSN87vIomx0wgH+vVWQo7AN3zoMaaql++gWuWUC4Qj8zINa8DPeo7B53zW:9NgvIh/VSUVPyzLW3fxz","tlshash":"02159459ca6602fd7f586c81ca4770698ed282136fd78afcdaba7e1447b0adf0301e51","size":936675,"data":"","first_seen":"2026-04-13T13:34:34.636004Z","last_seen":"2026-06-28T13:46:09.839185Z","times_seen":4365,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/249-0939437a59f2504a.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c3f51dd99a0be861049ebd4632a3542e","sha1":"3d08751beaf09ce31d44722d42da0650b0fc914c","sha256":"10976f7c91d6bbc5f35b9cd987501ad59a99b2a162a74b0ecbc9341afd0322d4","sha512":"4d67fb8e55edf461b142a253a2a20b675c1e9bf2c65ccee6af44d85dcf05b0467b1ce35a7f96a0f8cacf5c0e5c22ff530754f8286ea07eb6d339d72dae198c76","ssdeep":"3072:BF4UMvqBX6EG8q4H7GRxe8JTDUkan3busQd1yKlvRnTT/vD3Y46m+OEL4uFAQNgu:34UMCBX6tdDHV5kD3QPRuN","tlshash":"3d54fb0cf7fdf3b919ec389a364d0c3bd9a83a35d3b5625249d0f3ea9444cb4016a6a1","size":281586,"data":"","first_seen":"2026-05-13T18:10:45.999462Z","last_seen":"2026-06-28T13:46:09.83471Z","times_seen":4313,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/8824-ddffb509a90576a1.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"88138b1397ee14b04ead267aa44c4196","sha1":"760b927bacdf81d73a0f2084bfb3ce7a76478e63","sha256":"a2d07d31470b51490786beb8167c7fafeae5a0236cb44537c4dc8857b3c448ce","sha512":"9841fadaed80aabc013a0fdccff0b1356d14a06a2952bfc883dabd299aa5fd9a4369b504e8ac7d28f47c27573be3bb4b94b08d389d3836697c2334185931304e","ssdeep":"12288:3fB+XoxJuhu/v7uV3rIPE8zGglvb9hsm8sMQMNIYsUKwJAsTF4Xylyz+hYsUUIJM:vGgthhsnR0yF4XylryF4Xyl+","tlshash":"94a4be69da7112fdef516ac0ca177015dfe6a6936fc789e8caf6ac040bb05ce4301e91","size":492118,"data":"","first_seen":"2026-04-13T13:34:34.606306Z","last_seen":"2026-06-28T13:46:09.810407Z","times_seen":4366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5917-79f62dfd025e2ed8.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb80b5a8ada3602b57a3c17a8572408f","sha1":"f7f9937e1e9217a70423a3f93fad1797e7f788c5","sha256":"e81e7a5ea2d402edd781988e9aa30e89bce287f5d2093be45b2d280a1cdd5468","sha512":"a6d5638678a681b91f3ce72a06d0ca44ac5e8274d1615b353455a334b9033d0a508a42a19bb914e39a71aa1cfa70809baa8f0d0cc195cd3a8a72a7dd3427af59","ssdeep":"12288:m9kU1wEKxHLIPrsjbDcvnTJmP0I8y/PEg3Ahkz1epv3BoKuW+xMQT1y5EVNy5EVJ:mrwEQ9OfeH","tlshash":"4835bb4887aa42ec6f9d6d80c607744a8fd69513aed789eccbf9be141370ade1311f42","size":1153840,"data":"","first_seen":"2026-06-24T12:15:04.90529Z","last_seen":"2026-06-24T12:20:30.462373Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5669-ed334c2dbb466446.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6438c3dec7c2f8d1a4393aac0a9f590","sha1":"931f6f0648b68a394c0558fbb95934a059b7756e","sha256":"435b360ed59df86f97765d5fb68e6fa87486367009d059ebb558ef68a88bea43","sha512":"d78d1e4cb985aa6e6402fc821f4abd3f7d4db574d6d5e328c6eedccd61816ae5138844a368dfd471fcd1ee62877d851efebdbc1c9c93d3dc664bdc7d90de3258","ssdeep":"12288:+3PyxSJSN87vIomx0wgH+vVUqmAStvp1H/llr9dhLR5EdNbE3aYAiLQDEmAx//pd:jNgvIh/VKdVPyzLW3fxp","tlshash":"2455521ccf9201bdae58adc1ca4770254fe286531fd789ed96bb7e204bb1a9f4301e61","size":1370944,"data":"","first_seen":"2026-04-13T13:34:34.695086Z","last_seen":"2026-06-28T13:46:09.859427Z","times_seen":4362,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/1342-e39ae382517d6e27.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b0b6471e752a72a4a67baffa5e490d6","sha1":"b22ad340a0948c9fd128ad7703281b20d3a2f91c","sha256":"4234be7a3de7cd09bdecf233b7e03b08945e08acbfe8203227aaa856f378c39e","sha512":"77a017b0409437148709f41743bbcf186ac0f144c7b82d60f8aa9b5c383587a655f7ee6ff2e7d8d1253bda8d234f6add0b224c6dad08dde55a6b9a4a421f2f41","ssdeep":"3072:2XikgRVZiU7NiK6xkdF3GK0/NtT8aH7fwTqdypuWw+1sGKIzXBX8zY72ibkhfv06:2XNUpieiztQyz4zMV","tlshash":"7565cde8678526e5bd4cddca5940b4ac007980370dfbd1cceb2af4e740b87b746a9d26","size":1449011,"data":"","first_seen":"2026-04-13T13:34:34.691135Z","last_seen":"2026-06-28T13:46:09.862551Z","times_seen":4360,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9796-477f833bec802edf.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3cd700563cd8e58c974d39b5117025a1","sha1":"8adb06045734081c226292a64b902365df367e22","sha256":"92c3493cdd4b2f4c088fc3c1aad125fee7a6efff6470de708bb5363e2c2b9e48","sha512":"89bd514505d7f05dc1d6d9124541bcc8aa98cb80bb21ecbf2ce07e05c4f9767ed6ff1f2ce6a99f5a994cdc9801fa416e5d37ef0bc5c046b18d4eb13df3a033db","ssdeep":"6144:cX68qDg+HzhjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcVQoDMEFilOHIUJW3bXlB/C1:VjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcJ","tlshash":"eb44101c8f7242edbb187c80ce4770698be586466fc784d8eafb5d244ba05ce5342f66","size":261678,"data":"","first_seen":"2026-04-13T13:34:34.615711Z","last_seen":"2026-06-28T13:46:09.846966Z","times_seen":4365,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9564-0cf3b4f099c86954.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f1133f31f38a7764ffc9bd1b3df097e8","sha1":"d5d2b6cf4dec8e50720d6754d015bc4736f6c72e","sha256":"5aec2933ae085f9a1203fac9a6a05a2dbbb5a4e92ceb66b1124084dae588afbc","sha512":"abfc85e1473134449c3ebe247ad09931b39c01a2b43e65ed5f863b30b2d791ee25b24d9335cb778771683c3ba87d996ddbabd6668d089e932c3e8d57d92cac20","ssdeep":"1536:sAvhk/n1ED3wnpzktrXFlnEA8aqLE4++E/NL7:sAv6/n1cIzk9FlnBCLE4++E/N3","tlshash":"9d531c8cf3d4f2a927e670ba283f1c3bd12e7a34971990645794e6b42549c885233bf9","size":61557,"data":"","first_seen":"2026-04-25T11:58:25.658808Z","last_seen":"2026-06-28T13:46:09.811249Z","times_seen":4352,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3121-84e2be85f77396fc.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b869f389beaf6b6ee305c2aba742110","sha1":"616f5957c5c11da916d8ffedf458597b7612b071","sha256":"ff0cef3d5e2eb5fd8fc70bd3af62141c28494e8218ca265cf9a5e5928df7818c","sha512":"9ddf70d0dd79a02c44d6a335d5170723a18ae5b4981c674756d69075f92eec44f398da73f2145878630de71aafa77e6da60cdb26bd138667b448dee4d3b1582f","ssdeep":"6144:A+AiF7KKW6WUSoMtIn9Ghv37xQnp87m0Sw/KKSUSOYYMCI:lY9C","tlshash":"eb242b497290b2e817e762a9547b282ef22f7d3cd222691477d4c87c3349dc8913af9d","size":224282,"data":"","first_seen":"2026-05-16T23:25:48.532058Z","last_seen":"2026-06-28T13:46:09.845411Z","times_seen":4306,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5358-6b6066a7c5be067e.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9156598b1de03a5170a70624dfc8177b","sha1":"b3492044b8717c0f42193be8f4e8f28a82e1350a","sha256":"a766f5b00eece4fff39e14883d3fd3b1d296272714633a36d9fceb8216d72c68","sha512":"766eb2ab0245999d24dcaa587fafe34ee2312c4d10e89f6f13f8cc4269bd1af69ad6e7332d59a1b2c509a2646875092e7403a98036288c030cbcd41ec7290a61","ssdeep":"12288:xHJlmOl48cdPyBOpIwGAWA7k3ghrhanjqv:JmOl480yBOpJBhrhan2v","tlshash":"7225190ea7d473b41bda3149364e4d3fe25cb638c352d016a5d6ea7d228cce4613bb98","size":962608,"data":"","first_seen":"2026-06-19T17:10:47.222323Z","last_seen":"2026-06-28T13:46:09.835583Z","times_seen":2884,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5709-ea7a4340808316a5.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"86062450ad0d41acfde933cd4f31953a","sha1":"98896280abf82e8d70f2741c3bf515ee52f3ed6f","sha256":"3cb93241a78f6343802542c1727fb0a279298acc8f51e60a02cb392edde1a38b","sha512":"0665d5a1dccbf6ba1d6228806d8d71fadfc66ce0eee617eb20d1849de6b54b0373632e91bc6f6479e2e81d881ef965b481ee712fe221a4e14ad2fabf935b079f","ssdeep":"6144:7nRjnRVLWQuV/er6qcEhJMQslkFN0bbLTYGifRh3Y:TuY3ZslkFN0vLTYGi56","tlshash":"b165278c67b5a3fcf505b3f8892b58747e6a38fabb51c438c3e98d14e1510ac89658d3","size":1454652,"data":"","first_seen":"2026-06-06T12:20:43.204834Z","last_seen":"2026-06-28T13:46:09.858324Z","times_seen":4232,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3715-1862ad9008505962.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2927eacb55a6224ec8cd6caca3db99c2","sha1":"a2bad0fd2d18b815ca48407464d6402918345813","sha256":"08f764ea42a0be91df8df5d26c417926f70a6721d2ec38264a3a28f13a98f974","sha512":"a5763ae91e2fbd84c6843f454a37179ae3083d4288200cd9570e88eaf655d5e1dfacbfaa5feecc671ab867d991612ca4464fcbea23a406e706e19799d9245a69","ssdeep":"1536:G8iMZeCMcsspNYlpAsz1jzsRr3KTArL7ml1C+Rmsqq99WsA:JiQensTQmYBLe","tlshash":"6683c764f1e0f6d4e1575399c92f460df12f2eacea25782cb3f5d818b7044d8622eba4","size":81522,"data":"","first_seen":"2026-05-16T23:25:48.524516Z","last_seen":"2026-06-28T13:46:09.82712Z","times_seen":4305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9338-742398fd846a71c9.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"35949001400b87164feee5e87bb4d21b","sha1":"5fca2da66ae0589889299bbfa3d213e5e04c9709","sha256":"16ed0b2c2e53f93201db0a8b5787453855e66151890115a58c93605771ee912d","sha512":"b7873b0ad7fc8671962347515c0f6555a6cf4b524b3da006d4dfd697db93634a65337b5d24c1802baf802dde2fe3e8bdb81254baf08f4f7f44f3c5355e62bd4f","ssdeep":"12288:ypzOZxRLLD3iWRSM9LAlsr1TxmBY3gM1+7Yj+fjxl:ypSZxRPFgl","tlshash":"fc35a35a408827922bb37695269bdc0fa01ef52cc743c464b791c57e26cd9c8a27bfdc","size":1139216,"data":"","first_seen":"2026-04-13T13:34:34.708599Z","last_seen":"2026-06-28T13:46:09.861459Z","times_seen":4361,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/2366-925fc85d237b17af.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7911660cff2a47fdbc9415ace2e3188","sha1":"3ab908a0337f5ba043a079b563d3c584521ece41","sha256":"4a2741bde36436647e2ae672eb2ef1262c83541e3d13784b48cb37b165bddd8d","sha512":"e21a40e23085dd405ca6c8473453fabc4c7df8999a472fad7a94a4f26856b2d5ebbfcae375412db956a96f92cf7f630b5804e5090ac19f22eb4b7a1022c96b3b","ssdeep":"","tlshash":"54f09e9920057c387abb4c02096e8c2a287c3572be091581e707c5a0009faf85170e9a","size":467,"data":"","first_seen":"2026-04-13T13:34:34.684954Z","last_seen":"2026-06-28T13:46:09.794351Z","times_seen":4366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4310-53eb2d994601d39d.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1cf0afc09bb69320084b8de536c82c15","sha1":"b366ac3a2df29aa97110376475fc08e2b310e168","sha256":"5f6628bec7be06e9879a734589c7ccc242657acecd391f739a86d88f2597b1ee","sha512":"cb32c35ceec0ed7c3b0cbb53eef1a7754053eb228fbc9c1aff2abc56eff7aeccbac081b3fa583f2ebf3ba836f3ea808e269b380636f9fb04b3c887f425900bc3","ssdeep":"3072:PSHoE3ssKaFRWxTDF0+uoWTr/9CPxZi2rbG/r0mJo46W6E9bVWqnEbvY:wb","tlshash":"b734370cd7bdf3f51eec389e36490c3bd5a9763093a5426688d0b7eb5485cf400aa79a","size":241643,"data":"","first_seen":"2026-04-13T13:34:34.704197Z","last_seen":"2026-06-28T13:46:09.818709Z","times_seen":4365,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7185-909ee90aaf995ae0.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f872fce468fe11bc2d553d3a1cb1728d","sha1":"64f7d375570dfb04f81e3aa3e290b4e9db422055","sha256":"ba29effdc23ab00f7e5b7ee690b711c4e750ab4bd60e6892ac7b2654c7dc089c","sha512":"2ec2637d1dde4852781820a9174ab4ce112fc7cd9a84cd893520aee7d8d485e9e465ae3b1a7856959d8954c60d09d88f75d513f842af5017f62df6ffd14169ef","ssdeep":"6144:QM59C1szfrCWDw32B9SKUVG1DmeSafWTnp2iYEGeuD+ji8ktmHUVYL83uS2a46G0:mO7w3qEKUVG1DmtafWTp2iPxKvN","tlshash":"e7e45d1d72c072ac17c363659a2b581ef36e596de125a804e3dac93c325ddccf13aba4","size":714479,"data":"","first_seen":"2026-06-24T12:15:04.841116Z","last_seen":"2026-06-24T12:20:30.390965Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/direct-router.bundle.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f589e6e05857a1cf881cfc2a05ef7e9a","sha1":"8d8a58344a1e44416eea1555fcd2f024cd664087","sha256":"6c15c81fe6c86f71b4504b7437ba52be08619e4d694cd27c7e9b601344ef109d","sha512":"7c02b9b887c6c34948f9da8aba844a3001090f0fd2b4bcc3bf0c09ca47d585c36badeb264a193e9ed021f11ffbcc016977e11ff772841433e714f643523f2d1a","ssdeep":"3072:vqSp7BygEFCXqLkT5vd5XnTWhNIhdmkIxWjlP3/1JqobepmMGWR042:vqSp7BZaiv/ukIxWjlP3/AmMGw6","tlshash":"6b241aa93a95f1226ab3027310df5803733d352b280d4d61a511ede9b4b845eb17bfaf","size":220065,"data":"","first_seen":"2026-06-24T12:06:23.502088Z","last_seen":"2026-06-24T20:46:08.213669Z","times_seen":318,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3585-1a2341a418cc0f3b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d66e895831146a3fcda6c0de48e66fbb","sha1":"ed6c9b6bc6805e7a74c90c2f70040a22a7c0f9e3","sha256":"ea60fb56fced9d92b0247021093d020a5438a67c1084d715a587c598278a804a","sha512":"6204b75617d69a9c649c089283b8fff6285c43d78b07045799a230225ffec878299a45b73c0b05a85a83ca19874e7de30333065e46c981d3720790649ce965c2","ssdeep":"6144:f9gGcm/FTmn65dg2/s70cs6eWBsY6EHNfm5Dlf3+FFS:XhWwKNI","tlshash":"3b845b98725060e8a28762b9552f154db33f2578e02ccd14e39ac87c7295ccce63bfda","size":376596,"data":"","first_seen":"2026-05-16T23:25:48.549118Z","last_seen":"2026-06-28T13:46:09.816806Z","times_seen":4306,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/2643-f0046750557ecfce.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"22e80ddc9f6a618a74ae2024b1368d41","sha1":"92a5cb5a65b6db5e9fe377f30c867d91395fe65f","sha256":"cebfb1f5431b46b051bea9d7bb688099a15ae2d0bc9d906fad0678294dce11eb","sha512":"96d815f6d514ef47fafeed39af74b87f862781c464d29d2983b0b580da47867a08fe38b8f4cec9a32f181dc4174b981ade00e3b797cc8cdbcb48a0e7446a071f","ssdeep":"3072:lhsm2vphspSZ5qYHGKTG2Ucav/sLJ7T8Z2KxTofh5p0yEdQ8IeCp5+V0z0DLdD3K:Q3koZ5XG5sdSqfhwyEGASNBpH/","tlshash":"83440c2769c4127c2bc362569d675e4ef35ca918e215b419f3d7ca3d338c8c4b13aba8","size":276387,"data":"","first_seen":"2026-04-13T13:34:34.673947Z","last_seen":"2026-06-28T13:46:09.832961Z","times_seen":4366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9883-c825881b2c3b0fc9.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bcc8e6423662c12c5682af8dfa62a5a8","sha1":"b892e8086c047484a6e09910e1f5856e5f607bf2","sha256":"fae79308e4825e4d0f92e72cc85189405fb0c80569638bdc473eb7743bc4d4b3","sha512":"c48d27ef493b6d93cca9320dd5602a5de168d7deb5ea80dddde2daddf2b75293f15df2de435a834ad87802ad9497e8bd92c4763018a76ac0e6c897bd15689d90","ssdeep":"6144:TDWV4xt0J6T+WqV7OF8JpCXy/ABCf5iwEVQt3byQvUfV:Tr","tlshash":"6e94a829494416622b6323cd268bd80fd08af2658246c9b9f7964e7d21cfdc4e13bfdd","size":437773,"data":"","first_seen":"2026-04-13T13:34:34.692397Z","last_seen":"2026-06-28T13:46:09.840053Z","times_seen":4365,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/1617-516db04f21137a6a.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"24fdfcfce61be021904770b2b372ca81","sha1":"bc6a8555479c61ba37ea932d435e967aa1b28420","sha256":"d95d061529e6b787411e9de741b9946e0daf5da613c585a1c9ce261c18aa12ce","sha512":"f60ec3821ceda20e18cabb5a1a2b0f1d1e1de6d97c049c912c6ef61cb827f169ae6dfb45bba561ec96a4f5ed9454d3ca07ac3c707aa0bac224f9736c56df84a7","ssdeep":"12288:yzq3gKoizq3gKo1mTkcAA92TkVAA12TkVAAD2TkVAAF2TkVAAM2TkVAAm2TkVAAp:+","tlshash":"7a55fd4c8b6602ecab986cc0ca0770558fd586177fcb89fcdebaad145bb16ce0311e56","size":1310318,"data":"","first_seen":"2026-04-13T13:34:34.702982Z","last_seen":"2026-06-28T13:46:09.860429Z","times_seen":4364,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3275-bbdcc2e176783c7f.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"29fc6e35b3ecf993dba69228545f4d1e","sha1":"6d3d45d5d6e89c4c0c4be382359946c7f0c64529","sha256":"23fb767865b4ce96a897782c29d5a975a49d03eaf182146c61cf437eb690eb62","sha512":"17baad66b6b4cb23da59cdd3a0d01eccca6dcc23a46c7dfd990ebe03b91eda2b8749261247e731ec40440fe1380174321def6faff0fd888fa18663fff48e7a1d","ssdeep":"96:B6MlXsyMUxCCPs1VAbAvHbhPfjBItMbk6wd3E6l7b+5UYwhP7gb:/XDZ8CPuCsH9PFItQAU07wU7P7gb","tlshash":"ffd19961f091ebe4f8b708e8952fc40e726b2644d61948e1f5bbb8701b101f87b27f89","size":6161,"data":"","first_seen":"2026-04-13T13:34:34.666569Z","last_seen":"2026-06-28T13:46:09.797546Z","times_seen":4362,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9689-39df663debcc7932.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"95575815245fac0dd0f1a088b5673378","sha1":"b5fc9a98ebaac4eac518520eb74304a19af4c4b4","sha256":"2b609ad50f89d9da15d3da8423cab5a459bb395d18125b50ac3646d7a4a7bb24","sha512":"cce3d8d652ccceb67e5c4091294a2c837b597c36be10c62be39c860fd5418c6da27b20da4e2067ec964c7a0bb667cf3a577a7b3bdfbf5e4c013be7f66a24ee7f","ssdeep":"24576:7tPaAKapUMi69Q86f4lJay+AdFYR/QNnBKM7x5AKGE5X4iOJ:u7KwNhQx6IIiOJ","tlshash":"b665e039b224247946944086c05f290aaf72541f29c5c4ecb678fcdb5ebdece237ab74","size":1462413,"data":"","first_seen":"2026-04-13T13:34:34.700386Z","last_seen":"2026-06-28T13:46:09.857217Z","times_seen":4358,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3083-d0071871f85c1c39.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e8736497d50701fd7e98b6af046968f","sha1":"dbfea11666fbb04bc71187a259b4318e935577c3","sha256":"f2bf0ce31e01e02feea9a6dba28d4318ce7e060806dc0c8e3a312b86a47bf163","sha512":"27ca329911a680c2a0654f53c3acb9846e41afbe86166bc73ee90c4f71aaea53c07bd3c3fe30a058e58154e9ab721f0238fcb7d087b6cae9a0313a6cabcd3aba","ssdeep":"1536:9wnbMGYAkPeRRJ0u4fU5g1+GoDJy+N0jPkV/KtXcUN3tadBZx4fH+dMxteMSVgvM:9wnbvvg1+lhN0wBDMxOig","tlshash":"84d3961600c827b52b677b25265acc0eb61bf23dc7429924b694c43b168edd461bffec","size":140858,"data":"","first_seen":"2026-04-13T13:34:34.639501Z","last_seen":"2026-06-28T13:46:09.836396Z","times_seen":4364,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7262-260eb856ec86ab3e.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fc5c946ea01e852079c01158915eb9ea","sha1":"5133bd0de532b10449bb08521a92ca6a1887b7eb","sha256":"4a07fe3714db1466ba3968c1de34671f62ca3d5a3e9a01c12fecbdf73f2361d7","sha512":"18a65b639abe772a19c8332cf3709c4e0213353430e032b2cd550e739db2467dfd24ad1fcb4a4ea3675c81f34215a5ffc0ffb658dbf80ff70c2382171199b96a","ssdeep":"1536:nopcljgCIsBEzrJ8i7e85k7yRck5L8Nwxg98:nWuUCIsizui7e5mckJuwxu8","tlshash":"d3730a953180f5ed17e381aac42f644ee32f5c2ce51a766463e4c9ac725d8c8e137bac","size":77603,"data":"","first_seen":"2026-04-13T13:34:34.62862Z","last_seen":"2026-06-28T13:46:09.826298Z","times_seen":4365,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3715-1862ad9008505962.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.216Z","timestamp":1782303571216,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3715-1862ad9008505962.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I7fEQA8b%2BGT7Gr2Yrr5kwoEVXGNObMd36Kw%2BJbXyoQ%2FugV7KUVpKGxpECdgeQpIQBADmk%2B%2F68EV4N8meoViG1mFhQ2z8qr3oNEu18%2BdCgc8TAMH5%2FpyvYkrS3iB%2BotEu7Q%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 21211\r\ncf-ray: a10bae681f2756b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81522,"size_decoded":21983,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65480), with no line terminators","md5":"2927eacb55a6224ec8cd6caca3db99c2","sha1":"a2bad0fd2d18b815ca48407464d6402918345813","sha256":"08f764ea42a0be91df8df5d26c417926f70a6721d2ec38264a3a28f13a98f974","sha512":"a5763ae91e2fbd84c6843f454a37179ae3083d4288200cd9570e88eaf655d5e1dfacbfaa5feecc671ab867d991612ca4464fcbea23a406e706e19799d9245a69","ssdeep":"1536:G8iMZeCMcsspNYlpAsz1jzsRr3KTArL7ml1C+Rmsqq99WsA:JiQensTQmYBLe","tlshash":"6683c764f1e0f6d4e1575399c92f460df12f2eacea25782cb3f5d818b7044d8622eba4","first_seen":"2026-05-16T23:25:48.524516Z","last_seen":"2026-06-28T13:46:09.82712Z","times_seen":4305,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-24T12:19:30.610Z","timestamp":1782303570610,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=0,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Scxc7oRQv%2BPYGRH3zFiNkVm5lHdQrnvQdUuDIqwajI5l%2BhkWkymw4i5uF2XXgnZh68aqLeFrxcVOsud%2B1Thp3fKKGj55vSC2%2Bx55wQVUuRFfl098yoGCBgx0XfYAShmgMA%3D%3D\"}]}\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:30 GMT\r\nserver: cloudflare\r\nset-cookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4; Domain=.heodox.com; HttpOnly; Max-Age=2592000; Path=/; SameSite=lax\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bae647e8a56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7151,"size_decoded":3334,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2283)","md5":"0ce44da5e96ddbc2a671007a29c7666e","sha1":"47e7adbb9fa2c148d701e24d9621a1b629f67e9c","sha256":"0142b3b8faf3b8aa55fcfbae8fcad9e38ee7b7f9b40cb4a28acf14f2bc57f657","sha512":"6d9c0357259a9749a85235b37d346ce0ce54df9f27243214440dbf5db9fc6c2add81fca428542d6064dbad2c594f2588e2e00073a6a404042f4e3cfb44932f42","ssdeep":"192:EUB4BfBct9RtUl78ENCC/g7FefSpGB913MCqO:EsgZ7l7Q7FU","tlshash":"ffe195b77f00992a07a39b99a8db224ca237e1078c79ddd5a744582e01c97f88473fd7","first_seen":"2026-06-06T21:26:14.93032Z","last_seen":"2026-06-24T12:20:30.387435Z","times_seen":7,"resource_available":true,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":6,"connect":19,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/2643-f0046750557ecfce.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.196Z","timestamp":1782303571196,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/2643-f0046750557ecfce.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KX3IC2%2FdioDuusCsoIwaNuIGyd8uvIpe%2BPLPKHr4mhm12aGRNTLFvXOZRbdbLsBcq5ueoNea3oad0dvUaey3JdUwMNAepUHjmzxLhd%2FoVgDQP5DU1vbCU5Bwrjs%2F5A8lHQ%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 71174\r\ncf-ray: a10bae67ff0e56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276387,"size_decoded":71938,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65438), with no line terminators","md5":"22e80ddc9f6a618a74ae2024b1368d41","sha1":"92a5cb5a65b6db5e9fe377f30c867d91395fe65f","sha256":"cebfb1f5431b46b051bea9d7bb688099a15ae2d0bc9d906fad0678294dce11eb","sha512":"96d815f6d514ef47fafeed39af74b87f862781c464d29d2983b0b580da47867a08fe38b8f4cec9a32f181dc4174b981ade00e3b797cc8cdbcb48a0e7446a071f","ssdeep":"3072:lhsm2vphspSZ5qYHGKTG2Ucav/sLJ7T8Z2KxTofh5p0yEdQ8IeCp5+V0z0DLdD3K:Q3koZ5XG5sdSqfhwyEGASNBpH/","tlshash":"83440c2769c4127c2bc362569d675e4ef35ca918e215b419f3d7ca3d338c8c4b13aba8","first_seen":"2026-04-13T13:34:34.673947Z","last_seen":"2026-06-28T13:46:09.832961Z","times_seen":4366,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/8648-b9a24ba9b5bc0c95.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.223Z","timestamp":1782303571223,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/8648-b9a24ba9b5bc0c95.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3hZ38HzvyGBOirJOwQO4sKzAjXKxkusHGVGMq4OuCuHTTTwCbQEby6tlO0i26G6CmQBGt1WW8c%2F5zY1sPmlayzHxZ9rk9LG%2Bx7LJm9J6q9DWjz5eu9GRCcYTVtCjdiRffg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 35163\r\ncf-ray: a10bae682f2c56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":144939,"size_decoded":35923,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65454), with no line terminators","md5":"c518a3c90735027f7cf5e9ef51ba7e98","sha1":"243286f759a81ab0181dfa9e0f59e921228fe251","sha256":"17d24cd943de714ccbe4843a893186f4f9d7aa59277390480544a6008f41de2a","sha512":"611e7cddd315b0bf165c9a47866cecbcb4b7392c5ca210d60061a5bffb50af442e8648cb418bfc517e37b76c4a3f0756103a932fea6e289fcb6229a2b97f750f","ssdeep":"1536:Trle2nu/m82CFnMxwZCLVfvDzQjFY69xAq3CDQJUO9fEVJoZ1NbpGGVitgmdAYb6:TYUH821Nu95SQJxfwURk5bseKbsK","tlshash":"01e3e889f191f2fca6a224a9412f444ef22e3f4ce5255410e6f8dc083a586d9bb37fd5","first_seen":"2026-06-06T21:26:14.912411Z","last_seen":"2026-06-24T12:20:30.389699Z","times_seen":7,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7185-909ee90aaf995ae0.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.237Z","timestamp":1782303571237,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/7185-909ee90aaf995ae0.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HykRramjLGWXDvUtG9VA5TKym2%2Bvn%2Fv4%2B%2FEFqsGox3g%2FsOlxLtW2pJoRDXf2gGzsnri%2BqHY6RtCPkGld%2Fyi3fp9IlY7ICaDmfWjEXBzZYqORv%2FOYNmnLC%2Bjr9XUBP10S4A%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 192527\r\ncf-ray: a10bae684f3256b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":714479,"size_decoded":193302,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65514), with no line terminators","md5":"f872fce468fe11bc2d553d3a1cb1728d","sha1":"64f7d375570dfb04f81e3aa3e290b4e9db422055","sha256":"ba29effdc23ab00f7e5b7ee690b711c4e750ab4bd60e6892ac7b2654c7dc089c","sha512":"2ec2637d1dde4852781820a9174ab4ce112fc7cd9a84cd893520aee7d8d485e9e465ae3b1a7856959d8954c60d09d88f75d513f842af5017f62df6ffd14169ef","ssdeep":"6144:QM59C1szfrCWDw32B9SKUVG1DmeSafWTnp2iYEGeuD+ji8ktmHUVYL83uS2a46G0:mO7w3qEKUVG1DmtafWTp2iPxKvN","tlshash":"e7e45d1d72c072ac17c363659a2b581ef36e596de125a804e3dac93c325ddccf13aba4","first_seen":"2026-06-24T12:15:04.841116Z","last_seen":"2026-06-24T12:20:30.390965Z","times_seen":3,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7580-1e05813e2213c2fa.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.179Z","timestamp":1782303571179,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/7580-1e05813e2213c2fa.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dSJchPZ50h4Bb0q1SSCUCbZEB9bBeVkM7Ar%2FLaT2cidDM8sbTUAiTpqyVwyEd%2BQ8Y4OrK45mVJijpdSdH5D7%2BHXvPe7Ecm4avOcmjQaJOdZG8XoyaHHjjhq%2Bo0RFzqLB4Q%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 714375\r\ncf-ray: a10bae67ef0956b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1451511,"size_decoded":715140,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65485), with no line terminators","md5":"98c08cdf440cab4defd3a6756db58173","sha1":"cb0468f2d2d3816651663fa0bc74664e8f52d407","sha256":"717efa16b30d921eb2daba2cc677ba5fbb7fae501448c81e214bac6760160ef4","sha512":"a124530866a44814fac196a6b626cacb017d2bc4dd8615f0aaf634db229322b4e40d9e6a8b360b6632e76f7679435ec94dfc5feadacfcf0c5e3a65fb89ef1eaf","ssdeep":"12288:EJe2e02xEzaIGTBrfzLd91WJ24cvYkjZli4CnLPwGDkiqCCE+WTjjXHPxy0D8eUX:K/cpQlKxQvBIVV/7x6XomFnoF","tlshash":"e925f7198a6502fdbf596c80ca43345a8fe295137fdb89fccaba6e1447b4adf0301e51","first_seen":"2026-04-13T13:34:34.686233Z","last_seen":"2026-06-28T13:46:09.805268Z","times_seen":4359,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":116,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/holiday/bottom.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.120Z","timestamp":1782303572120,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/holiday/bottom.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3%2FcLA7Dhu%2FIFeVyG6sCsJvHY%2BbxYD42c%2BRyugMA5f19L4EO3Wj1NEZH3Tg8k8Xze6nf1gZBbaG66FXmc9hOMEq2wPYZhsMiU3mk%2FRSlltbVMLfeCgt4k10LZXdttmnkOTA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 520\r\ncf-ray: a10bae6dcf8156b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1628,"size_decoded":1264,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"165634688949125db4ac194fe8681813","sha1":"c8d8f84854dc11683adff1b17974b18a3077173a","sha256":"865ac8ef0db76c4a0224fc4a29905e93b9e1cf278b42f7c95c8e1d82312d5e42","sha512":"9a4001c1e30d41bda349a631e7e00d8cf2528532717f23c5f19db0ac56dbd771e779ba07390b0c8fbe0beb77b3996e45b9bbef7b770850f8db207beff1888a7c","ssdeep":"","tlshash":"f2316f5c60b6ed389984c14c8d1fe0f5361f2fea07d6975620844dadfb094ff29626d1","first_seen":"2025-12-07T15:18:05.832815Z","last_seen":"2026-06-28T23:35:08.42217Z","times_seen":10031,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/de.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.208Z","timestamp":1782303572208,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/de.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xhg9bN3MeKbCeoG%2B%2Bgg%2BsCMkANOWVthDhZYzvzjxPuvccSHEHkkwG3tvGYlBwnUlPHmXjNqjTVR5KY824q56Az3a%2Ba13LQXTU9eSExq%2FllCAl5g9AQe9Pv7wvP8GrFQDLA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 327\r\npriority: u=4,i\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bae6e4f8c56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":271,"size_decoded":874,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"939afd91bea7074f84f4a328ca095295","sha1":"1a8edb7520cb812fd35996134ae823fe8ade03d9","sha256":"8e3c8f938c6fc4fc97c81f398a71d0d789b44b6be458469d7056372a2c05837a","sha512":"a3922e78b9ac5209cabea2c0945d474d24035a4e78297b3105779cea945b931ae83a59ffbf73e2877f2da42e0ff7fb5f23c297c1d7f7d09da3644ed63d82ef6c","ssdeep":"","tlshash":"c7d02bd8506ae8c04d16c7603e6c32c1288a6259238800dff0835338a6cb7ceb745f50","first_seen":"2023-07-03T07:07:12Z","last_seen":"2026-06-28T23:35:08.465168Z","times_seen":10930,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/fbq.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.055Z","timestamp":1782303571055,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/fbq.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DIJ%2BUJGpMSaFxDDqOyYJG05B9%2BSa%2FQ%2F0AjTgiSvIa8TFOeBSSrESi2RMK4DjF9zo5Bp8WLh5D3YLcAJaTXT2ah7aNgd%2FlTOUbN8t541O8N3ebc8s7cnx%2BTxVFCxgsnvQaw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 327\r\npriority: u=1,i=?0\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bae671ebf56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":408,"size_decoded":997,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text","md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-06-29T00:31:45.074819Z","times_seen":24309,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/fonts/proxima_nova/stylesheet.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.080Z","timestamp":1782303571080,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/fonts/proxima_nova/stylesheet.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/d4dbba7cd4889f6e.css\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dIZw1fLJCXl2ugSkbrq9ILHQik0PB0w%2BZCwaHQkfNpYIuIcOuQDuwH0oGU4BlqJmG3m3j44Zci4GTQeqpFGT3lyeKvnxHVUfd9a3rsA%2Bw3IDXB%2Bll7mngxIPKeDqwBt7cw%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 1497\r\ncf-ray: a10bae674ed656b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16511,"size_decoded":2251,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d8931974e63a4dc65335827a00484a23","sha1":"3295703d542b291d258e703d3fb273aa4e71472c","sha256":"5748d69fa891b81b4890fc30b6c589852acd016cc7f8726e4ef93a497f0ee30c","sha512":"a5a858b0359a3571aa1337351eebcbed993af02fc1e9f54d7d87ce39e675d455c46fe9ef7291fbbb80d29d79dc71bf2404e40a902f5ee26fc0187e92b6625cbe","ssdeep":"192:xz6b6dlmqgqYGVNCGAcCh2H5vwCGmhRgSem0pBjqkCY9WTpnOPx/OSW9r0tZxjyL:paG7KUC4ZYCrz2muZHCfWctAH/uNB22","tlshash":"36723942cccdbc624aa6148077fe6ff60b4e28559079ad57ff3c38389d115adc68472a","first_seen":"2026-03-07T05:32:19.76436Z","last_seen":"2026-06-29T00:31:45.089306Z","times_seen":15102,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/api/v2","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.751Z","timestamp":1782303571751,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"POST /api/v2 HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://app.heodox.com/\r\nauthorization: Bearer null\r\ncontent-type: application/json\r\nContent-Length: 157\r\nOrigin: https://app.heodox.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nx-compressed: true\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B7s0Ab3KFFuID9fY1NpSiOrSiF6TQlY6FUtTdD1ysLBJBDuwQ0BgvJxJyXGlDiM7OWs5ag5MU3oMJCjs8yx8pjgDgZDY2VUi41yvIA2mZRBp7cSp10m1q85or00BPDy%2BsQ%3D%3D\"}]}\r\ncf-ray: a10bae6b7f6656b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":181,"size_decoded":806,"mime_type":"application/json","magic":"JSON text data","md5":"697e8d80a2011d3dffa1839d8735d3a9","sha1":"9b3d1c2f1cac6016c738f5e961987241f152989c","sha256":"f821f482afcc858ac002063ee4342d58c071af4d4ebb1093f66d46cf44c7d848","sha512":"18c112f2fff6ae98995c661da99eac2140599e0cc046ac489e3ff2509715570ba6a1892121cb9580e83a3d25a63c318a52ab0416ba90c498f6aedde0b698ed6e","ssdeep":"","tlshash":"84c0c0000a60732c3cc6347cd6ae9c8017af392378f1f04e0b108202720c6103cc0f00","first_seen":"2026-06-24T12:20:30.396512Z","last_seen":"2026-06-24T12:20:30.396512Z","times_seen":1,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/direct-router.bundle.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.057Z","timestamp":1782303571057,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/direct-router.bundle.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ghOf37IfzmKRSBhGzvvgRuhyrX3PE4UvYQ0Buqpohr8Uq%2BPgkPzJAtXyQlI6RWYadgpYwvNjNtrthhbOkXfqdR1a%2F%2FuHjPj9W6jvZhRbGKiGWF5ywOCNCIIP2M3Mztz06Q%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 66433\r\ncf-ray: a10bae671ec256b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":220065,"size_decoded":67195,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f589e6e05857a1cf881cfc2a05ef7e9a","sha1":"8d8a58344a1e44416eea1555fcd2f024cd664087","sha256":"6c15c81fe6c86f71b4504b7437ba52be08619e4d694cd27c7e9b601344ef109d","sha512":"7c02b9b887c6c34948f9da8aba844a3001090f0fd2b4bcc3bf0c09ca47d585c36badeb264a193e9ed021f11ffbcc016977e11ff772841433e714f643523f2d1a","ssdeep":"3072:vqSp7BygEFCXqLkT5vd5XnTWhNIhdmkIxWjlP3/1JqobepmMGWR042:vqSp7BZaiv/ukIxWjlP3/AmMGw6","tlshash":"6b241aa93a95f1226ab3027310df5803733d352b280d4d61a511ede9b4b845eb17bfaf","first_seen":"2026-06-24T12:06:23.502088Z","last_seen":"2026-06-24T20:46:08.213669Z","times_seen":318,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3585-1a2341a418cc0f3b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.164Z","timestamp":1782303571164,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3585-1a2341a418cc0f3b.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hFsv9jWiAmk7Dat1m609cq1AXwAXUZQVuSYRF%2BQ8Qr6FlZjllfcOasliKsEcTPv2e8OB4YFU%2F%2Byr0XYj%2FsfvpaO3fjGPsTtz5DI2vBAf8pcw15Pwl9ZbxwXcdSuWgf7rMg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 111886\r\ncf-ray: a10bae67cee356b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":376596,"size_decoded":112651,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d66e895831146a3fcda6c0de48e66fbb","sha1":"ed6c9b6bc6805e7a74c90c2f70040a22a7c0f9e3","sha256":"ea60fb56fced9d92b0247021093d020a5438a67c1084d715a587c598278a804a","sha512":"6204b75617d69a9c649c089283b8fff6285c43d78b07045799a230225ffec878299a45b73c0b05a85a83ca19874e7de30333065e46c981d3720790649ce965c2","ssdeep":"6144:f9gGcm/FTmn65dg2/s70cs6eWBsY6EHNfm5Dlf3+FFS:XhWwKNI","tlshash":"3b845b98725060e8a28762b9552f154db33f2578e02ccd14e39ac87c7295ccce63bfda","first_seen":"2026-05-16T23:25:48.549118Z","last_seen":"2026-06-28T13:46:09.816806Z","times_seen":4306,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/249-0939437a59f2504a.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.174Z","timestamp":1782303571174,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/249-0939437a59f2504a.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NioUjoN04A1AC3hb%2FYtowgV3lGZLPEXtMFeNK6ASBRKcVZqpA5nBSrfmSWqTguwkc8edhFFDEBwr7Z1UvP6JRYEGsqEjTEwxahAVPCV7zvlBd%2BsKMBbdMhLSjcrdzq0XYQ%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 61624\r\ncf-ray: a10bae67dee756b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":281586,"size_decoded":62384,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (47782), with no line terminators","md5":"c3f51dd99a0be861049ebd4632a3542e","sha1":"3d08751beaf09ce31d44722d42da0650b0fc914c","sha256":"10976f7c91d6bbc5f35b9cd987501ad59a99b2a162a74b0ecbc9341afd0322d4","sha512":"4d67fb8e55edf461b142a253a2a20b675c1e9bf2c65ccee6af44d85dcf05b0467b1ce35a7f96a0f8cacf5c0e5c22ff530754f8286ea07eb6d339d72dae198c76","ssdeep":"3072:BF4UMvqBX6EG8q4H7GRxe8JTDUkan3busQd1yKlvRnTT/vD3Y46m+OEL4uFAQNgu:34UMCBX6tdDHV5kD3QPRuN","tlshash":"3d54fb0cf7fdf3b919ec389a364d0c3bd9a83a35d3b5625249d0f3ea9444cb4016a6a1","first_seen":"2026-05-13T18:10:45.999462Z","last_seen":"2026-06-28T13:46:09.83471Z","times_seen":4313,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3980-010af18f0f321f6b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.169Z","timestamp":1782303571169,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3980-010af18f0f321f6b.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LpNU8hkDUrfuTUEc3jaTtT2kBh2s%2FPmYaR8bG105FPSVDs%2BnwLWpBh932vDfKuvydeLh2eGm5LRNBYIT32oIlFzXyW46Ko6e0bEsbn6gljojYWjBIRrTBzK6%2FDv2vlfwpw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 102910\r\ncf-ray: a10bae67dee456b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":514070,"size_decoded":103673,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65218), with no line terminators","md5":"0ebe2885d4d5b7870215ed1d746ae08f","sha1":"ececc6607c16410aa62783cea6de95557893c3ca","sha256":"68eea241c058d3a7c5cd5eb609397e4d833059221ade7f5154e9f68da97ef40f","sha512":"a14e01fe32f03659c957c6d5c9d01cc20c71308424cf842a7d178aa207358e270a9f531acc7d37e285a34fabd655ad88256cd82143dc1828eda771bc46bdbc91","ssdeep":"12288:9Fw3/38CUqBZw5AcYk0G2KVLCfEQ4HAIrBM6k18xyBByFt:uB7KFrR2BBU","tlshash":"3cb4c60ff3e4bbad26b57666be0f537ab31c2cb9d714e81496a9f0152344ca86135bc0","first_seen":"2026-04-13T13:34:34.626821Z","last_seen":"2026-06-28T13:46:09.851189Z","times_seen":4366,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/7262-260eb856ec86ab3e.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.213Z","timestamp":1782303571213,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/7262-260eb856ec86ab3e.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EDODVcZWhiLJcsoR8ISFtjoZNFfGFn6rjS%2BrqmFh9oqgU6yVtv%2FiWnkdsejwW%2B6GPcQiCyKiVbFSCRSS%2BumNOk2zqZQ149vv1%2FxQ3YOTa6iXxFWtSMswiHdYll0harEzTA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 21758\r\ncf-ray: a10bae681f2656b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":77603,"size_decoded":22524,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65502), with no line terminators","md5":"fc5c946ea01e852079c01158915eb9ea","sha1":"5133bd0de532b10449bb08521a92ca6a1887b7eb","sha256":"4a07fe3714db1466ba3968c1de34671f62ca3d5a3e9a01c12fecbdf73f2361d7","sha512":"18a65b639abe772a19c8332cf3709c4e0213353430e032b2cd550e739db2467dfd24ad1fcb4a4ea3675c81f34215a5ffc0ffb658dbf80ff70c2382171199b96a","ssdeep":"1536:nopcljgCIsBEzrJ8i7e85k7yRck5L8Nwxg98:nWuUCIsizui7e5mckJuwxu8","tlshash":"d3730a953180f5ed17e381aac42f644ee32f5c2ce51a766463e4c9ac725d8c8e137bac","first_seen":"2026-04-13T13:34:34.62862Z","last_seen":"2026-06-28T13:46:09.826298Z","times_seen":4365,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4212-38fe49b6236c7c6b.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.231Z","timestamp":1782303571231,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/4212-38fe49b6236c7c6b.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cLkVCCuEZtYeav7%2FstCLYLn%2BeLCT4MCn0iYCk9yYj0L9Yg%2FK2L%2FJHa1UWAbHPwjWjAMZa5xnGDATINxVRjY%2BAfKLr7EeFtZZKkDNGEdV8fgn1BVNGvuryub0R%2Bs0m86NMA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 29928\r\ncf-ray: a10bae683f2e56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":114414,"size_decoded":30696,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65440), with no line terminators","md5":"e1ee028598eb24e7427f83baa42198b2","sha1":"29ecf0ab8deb78392a4121a31e2fb63c764ce99e","sha256":"108693690d6f21f1942f276dc1e12eef8524ccb9678e1faeda902063ab3b2f0b","sha512":"71bd29cc66d0adb5ad11cba3d95baa883771712afef080e8b1f7a9c107dd9beb2404a2c43dd616aaf717ba69cfd4786e0c801ff3d88b6d201b8156124535fbd3","ssdeep":"3072:IxvuXFqhT8pi01EOUIMdda2zZ9GFOTASOeBTny//G:qvmFqh7MEOUVL1TASOeBT8e","tlshash":"ccb33b9972d0fd9d3bf3946a8c1fa40ee2795c2ed42d710462d9c83c72599c8e136bb4","first_seen":"2026-04-13T13:34:34.631899Z","last_seen":"2026-06-28T13:46:09.855881Z","times_seen":4365,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/holiday/hat.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.113Z","timestamp":1782303572113,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/holiday/hat.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Db%2FbhKSi%2F2OQW0pJSqu699whRObAksRgFVypldFVb5g7X%2BHDlOoFpLzBa7w1fbTjUc%2BfgjxkqtGIHXTiSeSLj7VdyOvq7zCAeLetqXTZDkyo76boDjQ0EVnf8mW9blyPBQ%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 897\r\ncf-ray: a10bae6dbf7d56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2987,"size_decoded":1639,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ebf4ae376fe7b0c4da02abc9a0e648cf","sha1":"74f107d8c9add6f03d767e3c60b4b10d90f9b2aa","sha256":"67cdad7bd65668f2f0f392efb2933b7ee75902995fdefba25792859e4384b566","sha512":"b3fd5d449af21db89d091f46d6399f4e446889580de88f08413222d8f2b4a66c10eb09c0c3277126884f8c86fa0ba8310edb3269b400c85ef7afeb4c22a6278e","ssdeep":"","tlshash":"4c51f0f069fc608c65460738e6be88922f2d99fbb20445497d5d2ab0d717883f98fb94","first_seen":"2025-12-07T15:18:05.826288Z","last_seen":"2026-06-28T23:35:08.468848Z","times_seen":10035,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/in.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.214Z","timestamp":1782303572214,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/in.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rVkjWxTUhiCIEPMuxn2FJDwpOrjF1Pix%2F4jHu2hZWyHaN7PHNZJbHV%2FbukpDitDTJoXVIxPIhdf1XqAXLdON%2BasMD7hK47r5Nv%2BPN93rgut8WJUz9MP8HHrCGoYJYhfh%2FA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 780\r\ncf-ray: a10bae6e5f9056b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2301,"size_decoded":1524,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f0c892dde95804d59b20416b8db9fcbe","sha1":"41f09b07a8c26144aff93575ba4a07a0122bdae6","sha256":"aa82222076d0dd86dc6f37947faf10333212886549a33c4fcf6b44141b702018","sha512":"8eadf55e31f49edebffdb864eeec76900caf6f5163d2e3cf1988757271bb7c5e2c26c3986b4fe5b2f8953e733ea0c4bf4fb3cce0ec4d1010e20f5125abde3ac7","ssdeep":"","tlshash":"2e4165a9717df8cd9b01c6fda63bb9f1b00f50496b12d3a9b55b0f0a481a4fbb0056e0","first_seen":"2023-06-13T16:46:48Z","last_seen":"2026-06-28T23:35:08.442582Z","times_seen":10526,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/css/d599adfe9f648657.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.052Z","timestamp":1782303571052,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/css/d599adfe9f648657.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ztlmvYKat0FD%2FAfi1qWug5p6eBhX1GoNyoGN5qDnVP1nbtMBesdmaT19ldb89Vzee33AZYBcmwNOHRFxq9bxRWT7PeLbf71%2FYlFYqxFt6gl4H9yl%2FceHmdZcEoapF52cNg%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 12193\r\ncf-ray: a10bae671ebd56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68963,"size_decoded":12948,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"689d6845a37e6a3c96ab9a76cf8f0420","sha1":"2930484cd58c8e849674195c73059425e6218d6a","sha256":"619447f843bd1558d398fc6c6548f2802566678eb7a6d1621fb2aa0b3c2ab977","sha512":"a467b0712c19a7d4866dee41cef2013cdf1509ee800a86860377e0eb4b217bc52a8d21a57b5695cd1be1fe81211ed007ffc07bbd6527d6a55e378eb7949c1265","ssdeep":"1536:SDzk2iKelS7yUAdO3CmoZV/AdBN/dilkbP6/4Nw9cXw+qicehzXu7VZ:F","tlshash":"1563b8715378f03cb977a82375819ace706dd203b97366dee5a4b43a80c76933a2274d","first_seen":"2026-04-13T13:34:34.644587Z","last_seen":"2026-06-28T13:46:09.796572Z","times_seen":4367,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/2366-925fc85d237b17af.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.153Z","timestamp":1782303571153,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/2366-925fc85d237b17af.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bw4%2B1Wu7%2B5VqARuj4ZUqo31tbYDaEJxsVrE3WE0z5EEa%2F9BIrwyNluXAmJBZg9UHk8hKEmn9uJ89Incqp4BQQUk7rkOdupjEWqEtbbzFNvw7lwGjsqXMYPbW9nN%2BdlDteg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 327\r\npriority: u=3,i=?0\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bae67bedf56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":467,"size_decoded":1018,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (467), with no line terminators","md5":"f7911660cff2a47fdbc9415ace2e3188","sha1":"3ab908a0337f5ba043a079b563d3c584521ece41","sha256":"4a2741bde36436647e2ae672eb2ef1262c83541e3d13784b48cb37b165bddd8d","sha512":"e21a40e23085dd405ca6c8473453fabc4c7df8999a472fad7a94a4f26856b2d5ebbfcae375412db956a96f92cf7f630b5804e5090ac19f22eb4b7a1022c96b3b","ssdeep":"","tlshash":"54f09e9920057c387abb4c02096e8c2a287c3572be091581e707c5a0009faf85170e9a","first_seen":"2026-04-13T13:34:34.684954Z","last_seen":"2026-06-28T13:46:09.794351Z","times_seen":4366,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5669-ed334c2dbb466446.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.187Z","timestamp":1782303571187,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/5669-ed334c2dbb466446.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LGgx8fWemgwFDUPZoA2rFPVyPD%2B%2BsxhxOIOB1cbYh4RaKgfql7qZcCtBIu03yzgwYXtASeyOl4%2FORQGp9cU8VNQnrlEt%2F9laeZpukkjLV7BwKwwOlme6kDoYVb11jxaI7Q%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 350609\r\ncf-ray: a10bae67ef0c56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1370944,"size_decoded":351374,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"edcd02e15f2012ec6437683a44554a41","sha1":"63a9be64badec0c0801046fef99feecbfd488cff","sha256":"e3595fda91d9d620bc150465632369c1124b0b7a387474cf81f04df6d534d3ab","sha512":"5869e9f6e59467227869d6b868b638882e2035c928efc7d4f21d43627243df6ce35e0bbb0a8f8eba23e8d5f39a3ba5b279656aab8fb3cf12652e5ccd1dd325bc","ssdeep":"12288:+3PyxSJSN87vIomx0wgH+vVUqmAStvp1H/llr9dhLR5EdNbE3aYAiLQDEmAx//pU:jNgvIh/VKa","tlshash":"c9250f5ccb9201bdae58adc1ca4770254fe282531fd789ed96bb7e214bb0adf4301e61","first_seen":"2026-04-13T13:34:34.672452Z","last_seen":"2026-06-28T13:46:09.795497Z","times_seen":4365,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5917-79f62dfd025e2ed8.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.194Z","timestamp":1782303571194,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/5917-79f62dfd025e2ed8.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6%2B6aTc8yLIAlekoDxuW8hslMp88nBEwIQ8upRPtBY%2BwrEDv%2BfdUYwAuO3k97o3bqkO%2F8EPdGAyyPESjti8bxbtynqyqBqz8g2dRkymqee2B9SkbUXQlLAqp1Flg9cM6IBA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 93371\r\ncf-ray: a10bae680f1156b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1153840,"size_decoded":94135,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c9b727057e7bd1e3325cda7430d5e8a3","sha1":"7f253d66cf405fdef8f4cecc4defaeb56c4e9b5d","sha256":"9451e73254f0cab0fed2933236b1b82d476e768fe75b7e1b8be7a19c98c5fbb9","sha512":"a0a260b80f808e6674eb5fcf51d9d0bf1a304790be35430de9333892ac782769ffd84746ac14a9c44d5450ab5c200eff7de569450717af197cc278532d7a30ce","ssdeep":"12288:m9kU1wEKxHLIPrsjbDcvnTJmP0I8y/PEg3Ahkz1epv3BoKuW+xMQT1y5EVNy5EVp:mrwEQ9Oe","tlshash":"f5259b4987aa42ec6f9d6d80c607744a4fd69513aed789eccbf9be1013b0ade1311f42","first_seen":"2026-06-24T12:06:23.50767Z","last_seen":"2026-06-27T12:33:47.193731Z","times_seen":2102,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3275-bbdcc2e176783c7f.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.240Z","timestamp":1782303571240,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3275-bbdcc2e176783c7f.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L7EX02fwjKk2qoLD9kdJscQEbHOehFeVa6jVfJIkKwUniVm4FMR%2FFrrMGVLU7Qv9JbrqnjZol6tvZZZ0Absgx1RwmENnCtBcT42pRmYtRgO8xDel%2BkSBs624JfzYD4aCGg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 2070\r\ncf-ray: a10bae685f3356b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6161,"size_decoded":2829,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6161), with no line terminators","md5":"29fc6e35b3ecf993dba69228545f4d1e","sha1":"6d3d45d5d6e89c4c0c4be382359946c7f0c64529","sha256":"23fb767865b4ce96a897782c29d5a975a49d03eaf182146c61cf437eb690eb62","sha512":"17baad66b6b4cb23da59cdd3a0d01eccca6dcc23a46c7dfd990ebe03b91eda2b8749261247e731ec40440fe1380174321def6faff0fd888fa18663fff48e7a1d","ssdeep":"96:B6MlXsyMUxCCPs1VAbAvHbhPfjBItMbk6wd3E6l7b+5UYwhP7gb:/XDZ8CPuCsH9PFItQAU07wU7P7gb","tlshash":"ffd19961f091ebe4f8b708e8952fc40e726b2644d61948e1f5bbb8701b101f87b27f89","first_seen":"2026-04-13T13:34:34.666569Z","last_seen":"2026-06-28T13:46:09.797546Z","times_seen":4362,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/index.html","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.338Z","timestamp":1782303571338,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /index.html HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://app.heodox.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LveLtxXiWzPZLxTulMy%2FChZsZqnIN7QUlcYsXYPbkx5yvUfRMaDX%2BKEXDnqNjXNflOetOZn%2FOp1lU0F6CkojkzxNykL3RincXIm9hGxM9e%2B6nO4E7M9GjNmPRE6492zTOg%3D%3D\"}]}\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bae68df4456b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7151,"size_decoded":3002,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2283)","md5":"0ce44da5e96ddbc2a671007a29c7666e","sha1":"47e7adbb9fa2c148d701e24d9621a1b629f67e9c","sha256":"0142b3b8faf3b8aa55fcfbae8fcad9e38ee7b7f9b40cb4a28acf14f2bc57f657","sha512":"6d9c0357259a9749a85235b37d346ce0ce54df9f27243214440dbf5db9fc6c2add81fca428542d6064dbad2c594f2588e2e00073a6a404042f4e3cfb44932f42","ssdeep":"192:EUB4BfBct9RtUl78ENCC/g7FefSpGB913MCqO:EsgZ7l7Q7FU","tlshash":"ffe195b77f00992a07a39b99a8db224ca237e1078c79ddd5a744582e01c97f88473fd7","first_seen":"2026-06-06T21:26:14.93032Z","last_seen":"2026-06-24T12:20:30.387435Z","times_seen":7,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/mix/landing_girl.jpg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.116Z","timestamp":1782303572116,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_girl.jpg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9SmAzXG3GKAIEQM5%2F65etDYp%2Brdj0Xk6NUh0tqZDrG3dp9sMvnzCSOGXLL8BM4Kdc078QG5V1TtrWcToHaleznBE9R81ZOvV42BQfCbWKPFvwVk07bRDzf7t4aepzOJIwg%3D%3D\"}]}\r\ncontent-type: image/jpeg\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 75067\r\ncf-ray: a10bae6dbf7e56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78517,"size_decoded":75804,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1184x514, components 3","md5":"8d25c1c54ad4e4fda7a046718150d345","sha1":"040d0a141110b4931b44882a4a7f684c1d88ccc8","sha256":"396fd7d00555a14daf95d589cb71ca04832cb73a1f4d7526dfe1230cf289d24a","sha512":"55594743a12b9482a937157f0e70d6b72938d8ef197ba4592fb0be93af2aeb2c637a17bbf74a269a3074cf9dc5a95ffb86ba0b5580b0a7fbd353eb863369e0d8","ssdeep":"1536:5UoMN6p0PBEXSUrkj4srs72ZEsEsKuU/jfT7OxIlp:TMNw05cSUrUrAjvu2jQSp","tlshash":"2c730247ee4840f69c1d4cb47c961c6e7f602aad2d725a0d3b124ec52bc3b8aec7e456","first_seen":"2026-02-06T07:23:23.951452Z","last_seen":"2026-06-28T23:35:08.479611Z","times_seen":7340,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/muskColorDSGN/mix/preloader.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.064Z","timestamp":1782303571064,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /muskColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Fn206cV2hFNNeTz9IO2T%2Fv7RNvraT8Vq%2FSl%2B0H6uvd0PNCWo065zJKsnEHOwgHSARVkgZ0Z92FYXnPLb%2B2Whpzc4qi%2FOjuEJKIyYQGSRYH%2Bjhfut7SResyoYwARR3f%2BLA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 19879\r\ncf-ray: a10bae672ecd56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72100,"size_decoded":20629,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"850e1745f4385099a3518d32d9145e74","sha1":"69969125e203608b7462ed6f8eaaa2917d48ab0f","sha256":"31ccdbf4baef0e8d2e5ef2d71b200f1b8288afa891e6ea50729feecd86dcb895","sha512":"617fd124ef9ca7077d4215668197b1bd456b3f6dd2063130545d4040c4ae11c1d37a569ad757ff74ee26ccedb5db2f150439c8c515bceef6c0434c81ae46edee","ssdeep":"768:YDpuRdZRXU55SUH2v9rirdHR96Hi3WdoanhrqCLUEBHp5ZuQ+Ip1xLtaD3LxUynT:Qk9eui+hrhUEBn8WXED3Lx/T8QdxGwlH","tlshash":"a06395ed2bf018c949c8c3d7ff5944a92d2a91fba5484908f65c4fac1b85c5eec47ac2","first_seen":"2025-11-16T06:53:31.140817Z","last_seen":"2026-06-29T00:31:45.095831Z","times_seen":21526,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/1617-516db04f21137a6a.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.221Z","timestamp":1782303571221,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/1617-516db04f21137a6a.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nj1EdSZtkzOupd8G1YZeoZnkjxwiy1Awq5jNuu6V2qc5EqWvAFqgao%2B%2B0ql3IxbtU61%2BndVpiImnv31YQiHXyF9t1Yb9nq%2FOfq54PxN%2BL%2FVoBQLILBkU1Myxqdm5LubAjA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 134434\r\ncf-ray: a10bae682f2b56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1310318,"size_decoded":135203,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"96e12518bcc4bdbbe9000be499bd4164","sha1":"964881c32476cfe71ce4b7dda2df1fedb01927b4","sha256":"0d72038e505589c03cb66f853434a70524bfd107ba42445b5c4d48966311f63c","sha512":"ec4f41f65b4670eb2cb554fdaf6d5eadebdc5de167bd035cb16860e500477f99377171083aa1041d61fbd08f9a0ad13840391ff21f67a39cf0e1a3d552b5baab","ssdeep":"12288:yzq3gKoizq3gKo1mTkcAA92TkVAA12TkVAAD2TkVAAF2TkVAAM2TkVAAm2TkVAAK:J","tlshash":"6125aa4c8b6602fdab546cc0ca0770998fd186636fd789fccabaad145bb16cf0311e56","first_seen":"2026-04-13T13:34:34.656645Z","last_seen":"2026-06-28T13:46:09.844641Z","times_seen":4365,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9564-0cf3b4f099c86954.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.228Z","timestamp":1782303571228,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9564-0cf3b4f099c86954.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I%2BHtemZ%2Futn9x96RAKnmPAU%2BM5m83RzSulPvwgtBAMqsPnOLg8e3EwRGoQbjwUdbnqV8Z9BN3YNOA0uBuVGfOzF1ymVVZVRnuVvuO0khnRiGA4u2J3uwQcAKS1Hereu7Ig%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 18103\r\ncf-ray: a10bae683f2d56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61557,"size_decoded":18865,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (57043), with no line terminators","md5":"f1133f31f38a7764ffc9bd1b3df097e8","sha1":"d5d2b6cf4dec8e50720d6754d015bc4736f6c72e","sha256":"5aec2933ae085f9a1203fac9a6a05a2dbbb5a4e92ceb66b1124084dae588afbc","sha512":"abfc85e1473134449c3ebe247ad09931b39c01a2b43e65ed5f863b30b2d791ee25b24d9335cb778771683c3ba87d996ddbabd6668d089e932c3e8d57d92cac20","ssdeep":"1536:sAvhk/n1ED3wnpzktrXFlnEA8aqLE4++E/NL7:sAv6/n1cIzk9FlnBCLE4++E/N3","tlshash":"9d531c8cf3d4f2a927e670ba283f1c3bd12e7a34971990645794e6b42549c885233bf9","first_seen":"2026-04-25T11:58:25.658808Z","last_seen":"2026-06-28T13:46:09.811249Z","times_seen":4352,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/landing_block2_semi.webp","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.131Z","timestamp":1782303572131,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/landing_block2_semi.webp HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/10dffa892f034c33.css\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kN4vzIzYTpOap3HPD7xKzDMwerI9z7r59TW8vhS4qAQ8Xp9doOcv5TV6NynJzfxwYIY9FGQc2MkBlFatLvZL3moQeVTW6cytl%2FWs35D8eIDY3Ch4MiUKJCa1Inef%2Fig%2BLg%3D%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 182377\r\ncf-ray: a10bae6ddf8856b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":182372,"size_decoded":183117,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"03a41ebfc2822966ccc84b5f11fb4f37","sha1":"8a03e5c17973d563e27d03be49e710e14c70d862","sha256":"c6c3494d6e8ce461c4d7b6d1003a9f6c5131d4bfbc81150f033713cbd161c50d","sha512":"feef02093801d484436151ede3a28e4a652c7614aed8bd49972100bc8e7fe24d276415b4be84c6bed0ba871af142c1ca12d405f8a7fdb2d43f9820dbcefc3a62","ssdeep":"3072:ReuoArLIEpV1NVfhqB14todZgaqt6eOLZCfBEunnFvrQbOPPFp8+AjJZP5o3mCoA:o1A/vfh+1Tiaqt6H1KtYOPnaNg3mQ","tlshash":"5204122892bed919d2d85bebc73d50da380cdac3ece73623df162435640c9d39722666","first_seen":"2026-02-06T07:23:24.025684Z","last_seen":"2026-06-28T23:35:08.475323Z","times_seen":7329,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/css/10dffa892f034c33.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.050Z","timestamp":1782303571050,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/css/10dffa892f034c33.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d42ROZjNtrNAJ2ji3as4R5T9MgHh13J50KmTkeQHIgEXf6ihFL%2BlIAXVwmEIagAtpHcwOJdvD%2BFcv%2BVbOdy8kgeqgrP3qciTJQnMcQp0vaXFWfGOZY1U6TLfHnVP2z%2FmnA%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 14043\r\ncf-ray: a10bae671ebc56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76394,"size_decoded":14800,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"903280523a763cf14a01eda1a188c571","sha1":"cb8e1fd73250fdd6509ce200f5215a75c6430be9","sha256":"91441a25f42db624a6ab86a8831b21a2a1f2466c4dff5f9d60596bf5c5bc2f47","sha512":"c8350ff391c334c4f5990ee6dee8b883d6158ff6fa8fd0bb5c8d3a1673b76ef3d2af75afccc76b5ba33fcbe554bb9db09202284026401b21af40704edd70497d","ssdeep":"768:91aLpv9OTdbkomfYKekdx/+dYCzEvBvwbniRXpnBv1L:91adv9qd4omfYKxb/+dYxvZwG","tlshash":"4073a6365130a13c7ae76934be98a5cc3136c592ab335bdef05abd25c1c71a73a53388","first_seen":"2026-04-13T13:34:34.68351Z","last_seen":"2026-06-28T13:46:09.8496Z","times_seen":4367,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/twq.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.056Z","timestamp":1782303571056,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/twq.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NGCj417Su7CQN9zTGEXuO2UZ9EEHwYWpI5HKYKJh1ck3lGj7yk0ExycgdIhyUUMbfKetm9VBO1FGj4fWbjph%2BLSKqKjyph6C51DuTroA13KDcWaC1jLsj0gsTqqRxyUVBA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 327\r\npriority: u=1,i=?0\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bae671ec056b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":308,"size_decoded":932,"mime_type":"text/javascript; charset=utf-8","magic":"CSV ASCII text","md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-06-29T00:31:45.08594Z","times_seen":24303,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4577-b61d38b6b034d783.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.181Z","timestamp":1782303571181,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/4577-b61d38b6b034d783.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dBbZ3oIoV9Opu843ew5zuaudA5F8LkXsaJM%2Fw9CIt1k%2Bp8mdgi3NZtsZxVVy%2FiwPIl2wDGFCCllAqvTo1K%2FnqqH%2B%2FwEGmujn8Ok3RiHXY2Hdehh6GcpozZ4aHUDJYR0VWA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 612001\r\ncf-ray: a10bae67ef0756b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1365565,"size_decoded":612770,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65494), with no line terminators","md5":"e6668d8af07f665bd6a728ea389b8445","sha1":"b44451db9a442a5be3cd3e428eae187031c8e6ff","sha256":"d66d82d7f23df37ddefc4a74bf15ca47b58e44f24171b875bb7911b865b5f17e","sha512":"cf413d7f97c7cb9a5f47be1f6d015d3cf6e0379a70e3d9e9d649a4640fea030eb4c6855f792b9583bbc963559a7a9fdcc8ef8febbca7e5d9a1c814a5ba722b5d","ssdeep":"12288:GxIYTLljXNW4D93yq3F/1hWJ24cvYkwl/eH3q0kCwI3UxrfZfM6A333xJUgHAsA8:3/cpXlKxUvBIVV/7x6XoG","tlshash":"4825601c8e6641edaf18ac81ce4770658fe2c6422fd785eddabbad204fb018f4351e65","first_seen":"2026-04-13T13:34:34.653552Z","last_seen":"2026-06-28T13:46:09.817751Z","times_seen":4349,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9883-c825881b2c3b0fc9.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.208Z","timestamp":1782303571208,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9883-c825881b2c3b0fc9.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=urAhWNz4WPOvRzhkzXbvqxfL4vFakLjKxKmKZIFS2wKIeZdp3T3Lz8Jq6sl6ah6MXZrfXOdW20ce6rXp814BWXSv4FtbHG%2FY4ApdICQ5VSTeaqc2ij8HcLfaaBC4W2wo7A%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 102581\r\ncf-ray: a10bae681f2456b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":437773,"size_decoded":103340,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65172), with no line terminators","md5":"bcc8e6423662c12c5682af8dfa62a5a8","sha1":"b892e8086c047484a6e09910e1f5856e5f607bf2","sha256":"fae79308e4825e4d0f92e72cc85189405fb0c80569638bdc473eb7743bc4d4b3","sha512":"c48d27ef493b6d93cca9320dd5602a5de168d7deb5ea80dddde2daddf2b75293f15df2de435a834ad87802ad9497e8bd92c4763018a76ac0e6c897bd15689d90","ssdeep":"6144:TDWV4xt0J6T+WqV7OF8JpCXy/ABCf5iwEVQt3byQvUfV:Tr","tlshash":"6e94a829494416622b6323cd268bd80fd08af2658246c9b9f7964e7d21cfdc4e13bfdd","first_seen":"2026-04-13T13:34:34.692397Z","last_seen":"2026-06-28T13:46:09.840053Z","times_seen":4365,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9796-477f833bec802edf.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.218Z","timestamp":1782303571218,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9796-477f833bec802edf.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bcv%2Bk%2F%2FzkNVqjRXuVm7MPZaEOGaeKRo%2FFpGTTeZeKNoHBWVTFjNGlYZ7wQnhPr%2FM7rPz76zMxjkSeiN8AIHSM6pF3AXDGww6MT7MlRg13mWDxDhBBN%2Bi04uOks94OEM%2Fqw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 30594\r\ncf-ray: a10bae682f2a56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":261678,"size_decoded":31364,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3cd700563cd8e58c974d39b5117025a1","sha1":"8adb06045734081c226292a64b902365df367e22","sha256":"92c3493cdd4b2f4c088fc3c1aad125fee7a6efff6470de708bb5363e2c2b9e48","sha512":"89bd514505d7f05dc1d6d9124541bcc8aa98cb80bb21ecbf2ce07e05c4f9767ed6ff1f2ce6a99f5a994cdc9801fa416e5d37ef0bc5c046b18d4eb13df3a033db","ssdeep":"6144:cX68qDg+HzhjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcVQoDMEFilOHIUJW3bXlB/C1:VjzH4Bs5ivB1hPYbRm0XiGwgwKZ7hmcJ","tlshash":"eb44101c8f7242edbb187c80ce4770698be586466fc784d8eafb5d244ba05ce5342f66","first_seen":"2026-04-13T13:34:34.615711Z","last_seen":"2026-06-28T13:46:09.846966Z","times_seen":4365,"resource_available":true,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/favicons/greenColorDSGN.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.587Z","timestamp":1782303571587,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/favicons/greenColorDSGN.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CQYEMZCY43L3wpZP4I8EslLq8vzmoyg8B46k5pSubexRPQpruT9iSbzh%2BiUykqlDQhWR2VF4KC0ay8yBHA5D%2FEKN%2FSuCQIoe4%2FCrJ4xn1m9sZu5G4yjgG86DpLDx0j3vvA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncontent-length: 750\r\ncf-ray: a10bae6a6f5a56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1468,"size_decoded":1495,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"50679c0c5e3ed56d05c1d0ed312419a7","sha1":"f9ea27ac71a78da2d61e14b84ea77ce447920d9d","sha256":"c164e1ea36438d14fea9b88996d154275a4c92fd80bfa082c7e00a343f241147","sha512":"163d4097d60ecdcf58cd01ea828e74491b0e27fcf3d40a2e7c56e6c90042d6d9a9b6cb18825052caf8799836ad35a44c1c88ffd2c35ce5d888d23716c27dd0f4","ssdeep":"","tlshash":"a4312e9e77fea185f448e7f8023999b932d36cd33a04d8282bc00c02e98091e9c9588b","first_seen":"2025-09-26T11:40:39.971586Z","last_seen":"2026-06-29T00:31:45.099178Z","times_seen":19755,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/gb.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.118Z","timestamp":1782303572118,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/gb.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B4qmHpS5L1%2BxeopbOyNP%2BXLlKYuBVELqSvg0Lp85g0uyT3q9JnVlw0zGuT8T2GS3lc3VZFtx10xZ3IRzemSrWNEbVRBxGEppvqTIt5TO5g6VisgnaLGSUz1j1ONinaBNog%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 659\r\ncf-ray: a10bae6dbf8056b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1183,"size_decoded":1399,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"99a9e5571c2f5acd9cb910ce6a3f39a6","sha1":"876935939a01dae371583220f75bef15b5185c68","sha256":"5ff2f32ed6905d887f7d771029c1e65b1ef059e92260b548908cabb4e886bf19","sha512":"14cfeeacd8e2f9b67bf2e1f5b2823a98fc60854fca5afd0b10be72ad647ffd38aa4058188451c98e2045628706f0b84dcad508fa901ce146705102fed962de1a","ssdeep":"","tlshash":"ea2163c84370b5c059a74fba9f28a2dc924925f9ddc96ecd10be0538445ff5ed01f009","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-28T23:35:08.424434Z","times_seen":11179,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/css/ce4a94f3f717c248.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.054Z","timestamp":1782303571054,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/css/ce4a94f3f717c248.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TyFsiaUmYuibBBvp%2BvpHRSYjEF3n%2FJl0FJTU7f%2FbeO1RjGmf2McGiKjrtQ4DlOPclWc8ETD5zX1XfMHt840IQRnQaAKeWIBjyF6R6XEmT9Zq3hljFbA2A%2FeTBLxSmy5OZA%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 5672\r\ncf-ray: a10bae671ebe56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29159,"size_decoded":6428,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (29159), with no line terminators","md5":"46ad4b92478a51e4234fdd6d675c9f3a","sha1":"649d65f39d1733aa5d13bb1f20e773e089ba6620","sha256":"8c2a5bd34c98a97841f128779b43cb8346f7ec1a35adefdb188f32eeab45bc67","sha512":"0f77212b79bb5fefe13b10066fa75ad94c9e4308f9bcfb246d77d96c9b67b6a442ace7fbd0cadd1f6dbc3f50b0c7418b49733fcded43b1bcb81459b605492059","ssdeep":"192:+rbxEXPgGgaxVOUzM6YLWBHo1Vc/nJdcdISbwWCnZclaumSgGBhS6lPxT9nqhC4M:+rL5UzMr0IgfImKwYAMRfmVnFI","tlshash":"d2d2a432a124d13cb8b684627e95e7de7058c203da7756faea41e52dc0df5e33b62308","first_seen":"2026-04-13T13:34:34.624049Z","last_seen":"2026-06-28T13:46:09.824571Z","times_seen":4368,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5709-ea7a4340808316a5.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.158Z","timestamp":1782303571158,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/5709-ea7a4340808316a5.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=st0QWOv04NbkM3BKk8szSdpzwMcy3%2Buo2VfugzyCA1as%2F6rEKkbApL2TOnOlrAyJQ82SFP6brEz49mwzgqMGnJ7dS3Z%2F6PrZPoBviA8YVQDT%2FypPJLf9afqIpyv7MW84SA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 364325\r\ncf-ray: a10bae67bee156b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1454652,"size_decoded":365090,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65474), with no line terminators","md5":"da779d11d6dc46752ab334dd5393f2ea","sha1":"ae0c777835c44d6d6eba77e9eef5bc1e2bc03d28","sha256":"68132251e81ae3690f1423504f3f9e464e824d7d74b7b684c0a8091fcd422430","sha512":"7f8517459a8d44f0f37240a06be158dba4b2824e6ddedcbf055bbae67c5b5dec68e303db86b32e51edfb5a0fe8576e2f03b6882958bf5b820e847b43303bec8e","ssdeep":"6144:7nRjnRVLWQuV/er6qcEhJMQslkFN0bbLTx:TuY3ZslkFN0vLTx","tlshash":"8135388c67b5a3fcf505b7f8892b68757e6638fabb81c438c3e55d24e0500ac89658d3","first_seen":"2026-06-06T21:26:14.922608Z","last_seen":"2026-06-28T13:45:04.068675Z","times_seen":4011,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/19-5bece4aba82fb776.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.184Z","timestamp":1782303571184,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/19-5bece4aba82fb776.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nGOe8nAZuq9rXC2loF1gI0qBnS5ztFIFlAF5H4%2FPcW5XDGtMfTb5lRys6EinlQnwiMbaMM%2BydooeOlap7NJFm81P6SFPEypHdp8rKYQKBdq6ZsljtecVABzBeYCM%2FnYbQw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 347128\r\ncf-ray: a10bae67ef0b56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":936675,"size_decoded":347891,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"499ae782218e46ba0165104a99a4ba64","sha1":"dd6335c8003db8dc40f3b6e5fd9ec389bd5679a4","sha256":"7930fcc2462bd18b8f3559392d9d610cb2a4cf2aad270fc533012c2fa8560ab7","sha512":"71885acc13827a064e0430afe760dadfaf8afacce9f7dabc324d265d126140a62d9baac56cb09e1725cfedc955eba79c0828bd9891ee524aa7d19448c1557aee","ssdeep":"12288:EW2sqZNSN87vIomx0wgH+vVWQo7AN3zoMaaql++gWuWUC4Qj8zINa8DPeo7B53zW:9NgvIh/VSUVPyzLW3fxz","tlshash":"02159459ca6602fd7f586c81ca4770698ed282136fd78afcdaba7e1447b0adf0301e51","first_seen":"2026-04-13T13:34:34.636004Z","last_seen":"2026-06-28T13:46:09.839185Z","times_seen":4365,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/stat2.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.129Z","timestamp":1782303572129,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat2.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FyODdY47valWSbP3tQnoOn330giqY3hDOTYffE8zaWCcO5fCirgGgutCHI2Qu5aUImV3g9NJxD5ZqdaIznD3%2FHPI9WgbwTQppbutX184sQidFcitzbu53Af9k9sK5oSNdA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 2008\r\ncf-ray: a10bae6ddf8656b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4012,"size_decoded":2747,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5cbab71b6d96ad7f65cb930bb401ba68","sha1":"48996ecb2d0d7d9c1ecd4ccf994b9a24dd52ec6f","sha256":"a1c783e7030d327da610a9c36e0359b2e07573771468225ac6a6cd3c2d7bf12e","sha512":"5e70c60a35359b551d6009e1f63ebef5911c29a63d89ec24225f48c7f20d33982b1f0353cade31e7f541d3df5d534984b6c69379373d086a7e1c5adf536eb780","ssdeep":"","tlshash":"3881d5d82bf585e4a2869be3df01582c3d0790fa2ec54840f39c6e682f55c7dcd128ca","first_seen":"2025-09-28T21:41:24.398473Z","last_seen":"2026-06-28T23:35:08.47455Z","times_seen":9704,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/footer_support_girl.webp","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.132Z","timestamp":1782303572132,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/footer_support_girl.webp HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/ce4a94f3f717c248.css\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IrByMQDZ%2FC6D2kb2RTErsfPwff83M%2BPzFTGhj6UYsqF1lqBQIjbyyaagMocDpy0l0QDR274rGAXl6F5o9dlMxp8QGotOUV%2FYq9GDBxvxXWXlJR6dF63MMNtCD8zMZwdnfA%3D%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 57854\r\ncf-ray: a10bae6ddf8956b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57850,"size_decoded":58593,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5faac5f71c2e22c65bc69c285c0d3696","sha1":"fca1321d83571cd8e5cc3675251b7b1494657524","sha256":"9bdf3122176092018f424668f17ff2671b31372edca458b79c74cd9d499098e3","sha512":"2313bd524395624d329705b1f80dfbad7fe65729a4b5e02a2822ed990a6f9b0d78081b08210c70666d4b6076827ddd27948179654db24209eeb65cbe2ac9a5ee","ssdeep":"1536:MO09/ae5eKf1sIYm1Utg2OTeeydxh7F+euCxPO5U:69d551srmOTOTp+b3xPIU","tlshash":"ce43013c7ae9b930cda1243a4325ddd59c20c652f80b346abf9d86907224d7c9fc39e6","first_seen":"2026-02-06T07:23:24.013748Z","last_seen":"2026-06-28T23:35:08.462711Z","times_seen":7329,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/pt.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.212Z","timestamp":1782303572212,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/pt.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0n%2FFjJbHxcj2EDG9Yn3wMRfPPSaEveDFBG2ERRl7cN752hbnanYG%2BDxDHeOeWMXfpdIXTZk%2BKt9ZG%2BpL67p2XO8A3MxNMSk%2F74lKLmbNMs2u7CTwX68a2iWO2paTzUKz2Q%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 732\r\ncf-ray: a10bae6e5f8f56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1445,"size_decoded":1476,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6e9db125513715df3ec213f701b912d8","sha1":"f0fbb6a6e5b7a068d28792280f397a4b879deeff","sha256":"3054e3bbce0d049b0ab3d157a16b24f7a572a7a45e73d342e3b7b8d5f28f0a4b","sha512":"06c04e06e44b97fc2b4379173dcaa7003f3cc5ed58db1697e0934f96878fc16928e08eef9a0be085cafd61b545718da8e8a7d8b456b57b194a51c1e22128c775","ssdeep":"","tlshash":"4a3174c9a335b0c24a17cfa87f2ef3c2044a67f8291c9884708ba90c3955bcdbac4d00","first_seen":"2023-08-14T20:47:06Z","last_seen":"2026-06-28T23:35:08.454397Z","times_seen":10476,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/1342-e39ae382517d6e27.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.171Z","timestamp":1782303571171,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/1342-e39ae382517d6e27.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3w6QNxufLgSguWGUpib2IqeH1mlb7RoO5a5gK7TFYx31vRMScFppHdaNffQBpwViD5v6V2IgdDCDkBlyt5qv%2FSbP8C9n%2Bs9jD1ltFcocU3ahU16td7b0Rk9foGUa8w7Y%2Bw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 544934\r\ncf-ray: a10bae67dee656b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1449011,"size_decoded":545697,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"6fc40cd79ee8752ee16a42d8de3a9836","sha1":"899243cd2ffe7a5b0aade6310d845f5f47289847","sha256":"0a935b2d469e703bd6e72a9f682823d483fc28d56f3a663787b9c21498d9db30","sha512":"13d3b80b739af5022c6c89df890e60ee7ea4607afb89204aa6fb7d43e6350cdac310e4a6d25be33703fea38f4cdb0ee7f1197766b97df7d197a6db1dff6459b3","ssdeep":"3072:2XikgRVZiU7NiK6xkdF3GK0/NtT8aH7fwTqdypuWw+1sGKIzXBX+:2XNUpieiztQI","tlshash":"5c25bde8678526e5bd4cddca5940b4ac007980370dfbd1cceb2af4e740b87b746a9d26","first_seen":"2026-04-13T13:34:34.611278Z","last_seen":"2026-06-28T13:46:09.809591Z","times_seen":4363,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3047-780ecd63e8341fd0.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.176Z","timestamp":1782303571176,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3047-780ecd63e8341fd0.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AlcNfnLHv%2B647kU8%2BkuydlsAC1dNpOaH8%2F3rEYK8P07YzucW4BqyMXSjaQsaVz8xbPyxPs6TNwfJv5uB1VIGHulcuiKGHttGDFy0VPgWr9%2FnzBt6FCBL1lDpK9VkBuxcoQ%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 86480\r\ncf-ray: a10bae67dee856b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":316805,"size_decoded":87244,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"1a45ff6317fa4327137123bb7bfa8d4b","sha1":"bc1ead1c1e57bc9d70d9ce61b6580fcff62dde6b","sha256":"52347ddc20c0cf9d1a0b8d9b4f7324defd9706465148f58c081f4c07848b1d65","sha512":"714d24afd1fc0a2eda39f7f9793701b61d9b29be01f251c4cbac43a76732bd29c0352d99eb68cb43e69e5670f847ea3e8b4ee9593188b64937437621993ec32b","ssdeep":"6144:fT+0+Qhv42Fh0idHSlq9p0jy79DMHyPCij6MIVs/e5rKYfxGAaXaifqUMjuTH8NT:rrfOR1","tlshash":"d3644ac871c1f4a8929361a6803f050bf23d2e2de45d9454e2a9c8d87979dcde237fb9","first_seen":"2026-05-13T18:10:45.788088Z","last_seen":"2026-06-28T13:46:09.846185Z","times_seen":4313,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/preloader.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.136Z","timestamp":1782303571136,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/preloader.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/d4dbba7cd4889f6e.css\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LhhVJcFXZuT1Pfmr7dG5FymwGwEaSVdtyEiETE8IM4a92%2FO3UEHX95qo49BfOj8u0W65BK8v0GQyU02DLnnLh2xQqh%2BzPZWlwPTKgt%2F8lUO8Zo1oGC45nBrukSOfG%2FypEQ%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 883\r\ncf-ray: a10bae679ed956b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1652,"size_decoded":1625,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d4cf0d8e07d5ff0a22dde176b5e6926c","sha1":"bb3f41bbc80202459f3bd9a27054f855523f8ea7","sha256":"caa934ceb360955e8ef4eae0984d9ee475137fa2eee2b013586e25461bc1703d","sha512":"03fa93b18e1610abefaaeee02782234d164bd6de0d27aff61c5aa02e260d50e0b69233306e46bcabac18c6de2ce085a5859bd4ee71c2480acb0e4a719a3c5123","ssdeep":"","tlshash":"703122c04abc425cf604a6a9cf122875be1a64ce578564baf3ce9d06935805b8e0299b","first_seen":"2025-09-13T11:18:32.012309Z","last_seen":"2026-06-29T00:31:45.107336Z","times_seen":19765,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/mix/landing_zeus.jpg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.117Z","timestamp":1782303572117,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing_zeus.jpg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lc5LXxpDxi2vCTtadzKCMiem31vvGeNHzb57GcQyRSj07UtkYK%2FXK3xAbCqletZ6iWmznMBdXVn301lF9B3PkVrBnr7KsVIW3kzg0BqLUpm7vK9Pdcm%2B87W%2BhkMtVXM6Yw%3D%3D\"}]}\r\ncontent-type: image/jpeg\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 179638\r\ncf-ray: a10bae6dbf7f56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":201878,"size_decoded":180378,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2368x1028, components 3","md5":"28ddcc23e4d8be01380e65e823904d84","sha1":"fe6cf680ed934ce00bbff66393dd076b15184486","sha256":"ce31ce6181ee64d6d05347285c6b04765859159285cfd706b617e02ab2851839","sha512":"375fd38d2afd987610235da2f48799220b401b999f012bef5d83e079e3f6142bc425d5d78991f35c8df66c88999adbb165399bd5887da34d9e2c9c495d7d327d","ssdeep":"3072:PpZCDctONi+s/9M9EpUdbnP7uAj0Mc85RjRdr/qHrDIDzyiN:L64I99P5InGjRdr/qHrMDWq","tlshash":"001490038c1c8b97e52993e4bd530dac2f592b5ce9813aff05231ecb7e645265dae01e","first_seen":"2026-02-06T07:23:23.986859Z","last_seen":"2026-06-28T23:35:08.473761Z","times_seen":7343,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/8824-ddffb509a90576a1.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.189Z","timestamp":1782303571189,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/8824-ddffb509a90576a1.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Pmr1zLYbMkM7VGH23qpEuxM%2BL8oCUBNfDdPk4I5awLcqtq4VRMEDSLoXncmYBg9%2Fwmgx9OEGcZW7RJs%2BqbDfJG8o5yGJfP3GNl3HCHwVrNln39C3mRNpwNKg31Da%2FTIWGg%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 205429\r\ncf-ray: a10bae680f0f56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":492118,"size_decoded":206194,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"88138b1397ee14b04ead267aa44c4196","sha1":"760b927bacdf81d73a0f2084bfb3ce7a76478e63","sha256":"a2d07d31470b51490786beb8167c7fafeae5a0236cb44537c4dc8857b3c448ce","sha512":"9841fadaed80aabc013a0fdccff0b1356d14a06a2952bfc883dabd299aa5fd9a4369b504e8ac7d28f47c27573be3bb4b94b08d389d3836697c2334185931304e","ssdeep":"12288:3fB+XoxJuhu/v7uV3rIPE8zGglvb9hsm8sMQMNIYsUKwJAsTF4Xylyz+hYsUUIJM:vGgthhsnR0yF4XylryF4Xyl+","tlshash":"94a4be69da7112fdef516ac0ca177015dfe6a6936fc789e8caf6ac040bb05ce4301e91","first_seen":"2026-04-13T13:34:34.606306Z","last_seen":"2026-06-28T13:46:09.810407Z","times_seen":4366,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/css/d4dbba7cd4889f6e.css","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.048Z","timestamp":1782303571048,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/css/d4dbba7cd4889f6e.css HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WnafIsFqJATltDvSiR1KJPcPVwd35dzs9vI3H0TIWisOMG%2BW24%2FEDWnSUIKoL0TkyBYpkTMC8KlqYaIoyvdY9ziY%2FNC6O3yEzM8vHe3ihJ6bFtkxTfG1xXSa%2BQCZw4JB%2Bg%3D%3D\"}]}\r\ncontent-type: text/css; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncontent-length: 2409\r\ncf-ray: a10bae671eb856b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8868,"size_decoded":3167,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (8868), with no line terminators","md5":"68eb5f61ed957f0983f60b442f427751","sha1":"16106de8065b5f5de07d98588cbced8e42490d2f","sha256":"87285d37d87af815bcc3e3f7ef033d46840703246cd461fb2f47728d73e05f02","sha512":"bf29e12876a49faaaaa3a4c479c3e92ad15d6c9744bc2597d9fc4ccab6e139c99caf7c0ac53ed1fa758d97d4f4f4544609c92091fabcb7bc54f242cedc59e73e","ssdeep":"192:4SJhREZKVQrejs42r9X/Xqgv6UA7HHvhvlM:4fKV44hlm","tlshash":"d702f73cb311a0b242474f0f94a3ef6b8d6fb05acf674a6691a4058cb7cd9d015e1dab","first_seen":"2026-04-13T13:34:34.649281Z","last_seen":"2026-06-28T13:46:09.792557Z","times_seen":4364,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3121-84e2be85f77396fc.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.156Z","timestamp":1782303571156,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3121-84e2be85f77396fc.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BCDroEuEgA85RJMF2HqHuA1VN6LOijFtsy1%2FQ0XQ5uHgqKFtJehm9xgTCXutq%2BrHQmhHLzj0XiHf%2BHFbI8K7x8p05s0weL5R%2BC56q8vaxtpsi%2FFaWFwzglDkTWsyQUQfMQ%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 56586\r\ncf-ray: a10bae67bee056b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":224282,"size_decoded":57354,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65418), with no line terminators","md5":"6b869f389beaf6b6ee305c2aba742110","sha1":"616f5957c5c11da916d8ffedf458597b7612b071","sha256":"ff0cef3d5e2eb5fd8fc70bd3af62141c28494e8218ca265cf9a5e5928df7818c","sha512":"9ddf70d0dd79a02c44d6a335d5170723a18ae5b4981c674756d69075f92eec44f398da73f2145878630de71aafa77e6da60cdb26bd138667b448dee4d3b1582f","ssdeep":"6144:A+AiF7KKW6WUSoMtIn9Ghv37xQnp87m0Sw/KKSUSOYYMCI:lY9C","tlshash":"eb242b497290b2e817e762a9547b282ef22f7d3cd222691477d4c87c3349dc8913af9d","first_seen":"2026-05-16T23:25:48.532058Z","last_seen":"2026-06-28T13:46:09.845411Z","times_seen":4306,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/holiday/top.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.115Z","timestamp":1782303572115,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/holiday/top.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ocyVBXdpk0mmm8yqvZG9%2F6rEhUG7eQ46roMttlaJDo3J%2B3MQTIKDGnN0B7AIKex7ZCL6u5xIC7jeNbRb7nfVv0QcCZ%2BB1DxRNVyU8ciiX%2BWNdDR%2BJ%2FvWo8H6pCQYyu3q7w%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 48097\r\ncf-ray: a10bae6dbf7c56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109971,"size_decoded":48845,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"765e4b902462e81209a68203122c5462","sha1":"c8a22e10bde49777ae443e9f3a3b6bf474659b68","sha256":"0d81c69880f645eaa8ad5bc7f874fe5c302d163c6ddf8e2b2e5633c222949f88","sha512":"d34eb7f720beacdf9d545cc1219a56e2a26b05477d98d9ed188c116bc9319de2f49db046893a0ad1680ae6a9c81bf69190f5de47bc94fef0b5f99049f36a65df","ssdeep":"1536:TVcmxdYMDacj729Kbg1AsjwaT2ROc8n6GheoROmsrLc8h7CJaEukrWE/A:x/FDa42Kg17nZtgER+","tlshash":"47b3f9fd6b6185e0eecf8af1dd3649907f1b34fe2b52525482a4ee607833e58894cd90","first_seen":"2025-12-07T15:18:05.795582Z","last_seen":"2026-06-28T23:35:08.449592Z","times_seen":10042,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/stat1.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.128Z","timestamp":1782303572128,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat1.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ls9H5DEXpIpKzePLJqGkuedhG%2FW5e5%2FHqv4JPWuRrDf%2BwKuF5%2FdqITZBcBvRFsDxdutNMTWA%2F9T5s3GgBxL750UmE4zfmgZDKAPtYeYCiaKhFldqOC%2Bi2LSM4Fvr3rewnA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 1822\r\ncf-ray: a10bae6ddf8556b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3636,"size_decoded":2569,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a62014bb87def86bc408bac073b0cece","sha1":"24ce6cf0ee0ebe7956bc76e9bd16151ec3da5244","sha256":"69a3b7fd361a9307dd99ab7a8c12c3178f4ee11e5573a2c0f78fd014e04f4b64","sha512":"ee7ff1a7a9cf304d61ac90e25998182241854e3de44df25fd9541b3caddb222d206a4d3fa250e4d4d64ab42d595f79a0e24fc21ec4fb753f0b7ca2d64eb73282","ssdeep":"","tlshash":"d771e6cd2be812f0ec85b7f6df06642cb80e14b2598848b8f21d1f557b04ce98a4ac92","first_seen":"2025-09-28T21:41:24.045294Z","last_seen":"2026-06-28T23:35:08.432187Z","times_seen":9703,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/es.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.206Z","timestamp":1782303572206,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/es.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LGMyNzkbRmpQWNSQh87bgeodnhMAiccpsSw7YxCkvOGtP5BwrikoMxHRxFE%2Bl0qB9msEspiNhQI5y9YneS%2FyTmjCvyURCcuJXvw3Mn36jVgP%2BcBSkLuWeICN5YwD%2FlNvRw%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 333\r\ncf-ray: a10bae6e4f8a56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":629,"size_decoded":1075,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a8224968196d0dd6d84e44c98093c280","sha1":"882b8a579de32e24e13e999b411abd814071cc2a","sha256":"f8cf69e4d0d285ff8e9be18f239b65e38fe1a235086a8daae53b1baa1e7a3557","sha512":"096da45f1e9c9fd020364a51f387110fe6b08969d607a52acd6acf7f01215e15ebb88c93484b7aef1392143f744ca491f8862151d5c4850ec8f7b9d4d419e870","ssdeep":"","tlshash":"bcf049c5743db18388098b742d6e70e6408e721b554814dd70079b28a3aa3df7ac2f6c","first_seen":"2023-04-17T16:03:39Z","last_seen":"2026-06-28T23:35:08.452263Z","times_seen":10926,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/fr.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.209Z","timestamp":1782303572209,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/fr.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mSM2Fo%2Bqp%2BrbMZzqJbDxl9CBPqrxcy4ucKZm%2BgzeRuRdagHMsff6V5nKJIrRxXGQvS1ELaTQao8bHGwmqUCmJuNMhV7xRgjE7GNvQx%2FM2pxl2hdlvK7SQI8%2FCwYgl%2FN%2Bxw%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 327\r\npriority: u=4,i\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bae6e5f8d56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":877,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c1a36c711f0ae0ab46c7dce06f63a723","sha1":"5cff6743ac6eed2912288bacd35c363a2d586d18","sha256":"861059eae96aea4c38466209edfad68fbd84ada37bae4ccac92d03011046a524","sha512":"e8d4869bd8d77613770a36de15c23dfade7a3bf3a465c4a6c79be55d9d6660874b5cbb60e631f04964840d3b4d736ceb25f31b30779e8d5ec64023f8e855cdeb","ssdeep":"","tlshash":"f0d02b9dd07de0c448138b703fde31c1418a6326364600dab047272861cc3ef7e40f04","first_seen":"2023-04-07T23:46:38Z","last_seen":"2026-06-28T23:35:08.453569Z","times_seen":10944,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/fonts/proxima_nova/ProximaNova-Bold.woff","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.140Z","timestamp":1782303571140,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/fonts/proxima_nova/ProximaNova-Bold.woff HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/global/fonts/proxima_nova/stylesheet.css\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: font/woff\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=07Un9MI2XFeu9YZeQncSxpJXDw7Cxa0%2FF1vbTG%2Bm2mvQwbM0J2saPrJG1amq12DmPIjBvCjTGd%2FGhKd7yVw8q0JKKNFJXkxAgjt9dEQx%2FMf1K9RRMeRx8MGJ7sOdM5E52w%3D%3D\"}]}\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: a10bae67aedb56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52068,"size_decoded":52744,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 52068, version 2.3","md5":"e2cf3dc2f079bf3d5185a02552f153c4","sha1":"9e900ba7e0890a12a5697fc7ce86c058b145d215","sha256":"99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1","sha512":"1043f0d116fcda17bd933ff2594b7c79a1fd41259f28aa8283d90e1a56eb6b8830861f109f9eeb3b81d79408e8a6a3648d973ee8a42fb5c096b0f84138392935","ssdeep":"768:gUZ1BWLCju+iIoHoWcknJh+7x77rai9YTRPxnE6eWPeLJWPznTdpjXeE8vFmdn:fX6Cjuct8QxDai9YLE6eWGYfbX98vMd","tlshash":"2433f1a524350e2797b7f4fa349d0665cfc6024db42b55faa4cbca019a5bff8b530823","first_seen":"2023-04-07T12:58:50Z","last_seen":"2026-06-29T00:31:45.090442Z","times_seen":23003,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9338-742398fd846a71c9.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.200Z","timestamp":1782303571200,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9338-742398fd846a71c9.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G2doQceSSVQIYhARxsWETaJARD5sd230Lc4VT3UE7%2BiX62GYsYIT03lyUSus8OhUUe3ssDbuHj471gQsE1FYLrbQoobECs9wbc885GKi0I69KzRGyrLYhPtkRXq9nAcTMA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 253412\r\ncf-ray: a10bae680f1c56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1139216,"size_decoded":254171,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65360), with no line terminators","md5":"2b7b624a172740e15cab5bd742b040bb","sha1":"da4b4cacd38c8411c2757bab503b1e94d1387a7b","sha256":"cb81d12e10e97c97c29822437065aa8d5f2d0f71bed71df7e3b7d0125748046a","sha512":"8bf9e5dd6e8f41fc826a2788a73af7606876d14264892701adfc106ded698bc0b49037f06f9be77334cc5b34d939e305d98a4768e334e49b59966afeba39efe9","ssdeep":"6144:L+pzOk0ScZvzdjztsaAsU3Z2apIqOl4q58oLDmWNiWRSMGiLAlsrJYtkAgScxmPQ:ypzOZxRLLD3iWRSM9LAlsr1TxmBY3g6","tlshash":"ca25a456008827922bb37695269bdc0fa41ef12cc743c465b692c57e26cddc8a27bfdc","first_seen":"2026-04-13T13:34:34.662133Z","last_seen":"2026-06-28T13:46:09.82539Z","times_seen":4324,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/api/v2","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.754Z","timestamp":1782303571754,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"POST /api/v2 HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://app.heodox.com/\r\nauthorization: Bearer null\r\ncontent-type: application/json\r\nContent-Length: 165\r\nOrigin: https://app.heodox.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nx-compressed: true\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0yhzLfGWH2I5jCrAiZSrtiZ7KJVSi5ZipAdnGwMV%2FpV8kZpCCbYXdEc%2BkofF%2FLQInXSD8veyLa%2FbVzFBWszxsTexDI8ty6Q2ftDdwJhmRbtfRBRfj9411OjVuzSFIuCnSw%3D%3D\"}]}\r\ncf-ray: a10bae6b7f6856b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":141,"size_decoded":772,"mime_type":"application/json","magic":"JSON text data","md5":"7d3a803e52c470b993becd0b965e3709","sha1":"ed3759a389cdd7b92862e8b26a18aeb9c4b0ab69","sha256":"432139270c850bc739ea04706366180cb2d2971fb069253be1c5c133627b98e2","sha512":"f553b53ba7540e77a9e1e35a4da25e0d731dd007885fb0d27c93aede46fb2cdbefc8e864ae00933d18840c3ae868c9198fabc1174e8dd900031ebbc61da5f346","ssdeep":"","tlshash":"a4c02ba43d600b1684e02ee0ca7e5d811e0530136d500c1c5ec387bc45091041f9e90c","first_seen":"2026-06-24T12:20:30.446913Z","last_seen":"2026-06-24T12:20:30.446913Z","times_seen":1,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/trumpColorDSGN/mix/preloader.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.063Z","timestamp":1782303571063,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /trumpColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6oESVknCDEv95VYZheDtRDgsuiXWf91ldhn5nbvm0Npj9E6zPBtNyalddmeia6cUxdU1fnQ6SqQcpW%2F0kMMU4XT8DeXz4u8VRfOfKAs%2Bin9%2BykTyhR07bBX2vxS55vNbrA%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 38904\r\ncf-ray: a10bae672ecc56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119318,"size_decoded":39646,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"40fbaa8ff12ac1ebf23154c29e67a191","sha1":"a0a3a6c3b2a35874dca992b65fe8651809da05a6","sha256":"234f1a89ac1c64f2b60e7b7aaf30d3ec2cd97acd3f5fc844f4f55256eccaf843","sha512":"5c97f0bcda3d832001d8b751d6140ba2835b2ad34989ee6c4e9b44211dc8dbcb099eeb28666d6555505235ea97f71d37dc7c1a19e62c3a98a0cbd64e3c698ee8","ssdeep":"1536:objgkWcss2wEHMgG7RPP1VLatHLKazXxzP4D:TCB","tlshash":"edc360fc1af062cd88c0c7d27f69d2b93c17a3b798580805e66c5f5c0b9a96da851bd3","first_seen":"2025-11-16T06:53:31.134866Z","last_seen":"2026-06-29T00:31:45.095025Z","times_seen":21522,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/5358-6b6066a7c5be067e.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.178Z","timestamp":1782303571178,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/5358-6b6066a7c5be067e.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r%2BfELYSczgOlRStyFrdzMc50T6Ye6z4zIiJ8cPtOZ%2FBvt%2FAd0gMWRUWowse3qVHmYmvY2mnr9zObFNpZN0UExDYlCdfXkO9rD3fXNUY3JMlSMUO%2Fv%2BYK%2FSFOq%2FCOSbrWiA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 229811\r\ncf-ray: a10bae67dee956b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":962608,"size_decoded":230582,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65416), with no line terminators","md5":"9156598b1de03a5170a70624dfc8177b","sha1":"b3492044b8717c0f42193be8f4e8f28a82e1350a","sha256":"a766f5b00eece4fff39e14883d3fd3b1d296272714633a36d9fceb8216d72c68","sha512":"766eb2ab0245999d24dcaa587fafe34ee2312c4d10e89f6f13f8cc4269bd1af69ad6e7332d59a1b2c509a2646875092e7403a98036288c030cbcd41ec7290a61","ssdeep":"12288:xHJlmOl48cdPyBOpIwGAWA7k3ghrhanjqv:JmOl480yBOpJBhrhan2v","tlshash":"7225190ea7d473b41bda3149364e4d3fe25cb638c352d016a5d6ea7d228cce4613bb98","first_seen":"2026-06-19T17:10:47.222323Z","last_seen":"2026-06-28T13:46:09.835583Z","times_seen":2884,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/3083-d0071871f85c1c39.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.199Z","timestamp":1782303571199,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/3083-d0071871f85c1c39.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6Q7151BfYhhXlyUad0l2Sce9Tv4d7YsrlHGJ0fnl5ybWSUB1AoWh7b33DsogpyfSMbq5M4Q0k20ygLfhH42GhI1sYPLS5whdFmITtN79iSutoCqcNFIp3jXNJXlMYe%2FkWA%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 37112\r\ncf-ray: a10bae680f1256b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":140858,"size_decoded":37870,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65178), with no line terminators","md5":"1e8736497d50701fd7e98b6af046968f","sha1":"dbfea11666fbb04bc71187a259b4318e935577c3","sha256":"f2bf0ce31e01e02feea9a6dba28d4318ce7e060806dc0c8e3a312b86a47bf163","sha512":"27ca329911a680c2a0654f53c3acb9846e41afbe86166bc73ee90c4f71aaea53c07bd3c3fe30a058e58154e9ab721f0238fcb7d087b6cae9a0313a6cabcd3aba","ssdeep":"1536:9wnbMGYAkPeRRJ0u4fU5g1+GoDJy+N0jPkV/KtXcUN3tadBZx4fH+dMxteMSVgvM:9wnbvvg1+lhN0wBDMxOig","tlshash":"84d3961600c827b52b677b25265acc0eb61bf23dc7429924b694c43b168edd461bffec","first_seen":"2026-04-13T13:34:34.639501Z","last_seen":"2026-06-28T13:46:09.836396Z","times_seen":4364,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/6544-b0711005848a5ae1.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.205Z","timestamp":1782303571205,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/6544-b0711005848a5ae1.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JxPidtmVG0oqc91RlWXYezr2LR0nNppfzLrUx8%2Fg9TfglrO%2BDrB%2F6%2Bmyrj9tsgnEN6X33aK%2BrLh6ge5epub8MSeeZTTvK0hfX3%2B53iRMpvZB1QXmapubRIcGXI8mSp4jgQ%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 192136\r\ncf-ray: a10bae681f2356b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":932011,"size_decoded":192905,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35586), with no line terminators","md5":"39a5893ca0e9dde921d815faef0cca25","sha1":"bf860904497bd9c873fbc6c44eff66b61d990a44","sha256":"69a245030c2015ad280eedf3d0e5c896f8672d6803277ee2b15aa20e24595450","sha512":"439a73175b07db2985b9bc16ca9a6b5a029a041d3285e4c6c6e74e3749a85c41cd2db6a0999dd0aad865f389558e77a38bd1e42f36a27d3ee02a6731b9cbfc8b","ssdeep":"3072:LxF1G4zn2Qbx7Lg5H+vCWpduOhWr8BqUH9d8YFdNWRmfewJTLiAezha1h5L2iQfS:hO459yOCd8/qGwUM3qMz74SIxTrt","tlshash":"3a15321cc778b7b12fed398936490c3fd66db570d7a202566994b3fb1088ce0506abda","first_seen":"2026-04-13T13:34:34.701686Z","last_seen":"2026-06-28T13:46:09.803417Z","times_seen":4364,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/api/v2","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.753Z","timestamp":1782303571753,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"POST /api/v2 HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://app.heodox.com/\r\nauthorization: Bearer null\r\ncontent-type: application/json\r\nContent-Length: 161\r\nOrigin: https://app.heodox.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: application/json\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nx-compressed: true\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nY175Fjk%2BSUpiJKWziZkAAY0Dtf0hfPaTPFlKiKIOWOcpM1Te%2Fdc%2BjVjZFahKFJTmUhW3DwIwpo104NDQytADQPl%2BDSrgDniDUfJ9uviCyJn51CJXsF5QxjVR3R9IGHzCw%3D%3D\"}]}\r\ncf-ray: a10bae6b7f6756b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":113,"size_decoded":744,"mime_type":"application/json","magic":"JSON text data","md5":"638c89ef349481c6985be4837116bd7f","sha1":"8fef3c240c66e6e7f62b2cc183a6c7bf9d3748fa","sha256":"1777ab757416925ee377f886d020f9afb0a5479d4cfdb4243dfb93c9603b1f2e","sha512":"3cfdaa584f706d48be43001b1d36a264f2b2b1b30c2459438a0d5a1b95302b3785ca7c2259a0a342af73c8fa3604f67445f81a6873df7298a3d4a7f75e738b1c","ssdeep":"","tlshash":"6bb092209823fe00a90292ec08ee4eda4189882f659c8a43472a8aa54612b5690e2b54","first_seen":"2026-06-24T12:20:30.452762Z","last_seen":"2026-06-24T12:20:30.452762Z","times_seen":1,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/free_reward.webp","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.125Z","timestamp":1782303572125,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/free_reward.webp HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/d599adfe9f648657.css\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6%2FQI71wGqTCzmMZGdsqIzpqAorAGwSpgelRfjDF7LKXB9z1zjHO9J%2F0FVLtRaUzqNHtgxu55JNdny6d5VuJv4PKiJR%2FwUgb16ARHhwNlo8imdrQ1Dcm1E3YXo%2FV5iTJjmw%3D%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 9606\r\ncf-ray: a10bae6dcf8356b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9602,"size_decoded":10346,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 390x108, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9ff1da902b946265f24272fc301815b3","sha1":"395daddb9c99b6f15b2651985a115e6395128db6","sha256":"67f87d0d17d6c7549cb8dfca755651258f123d24bd28e67bf90a6d1777831edc","sha512":"3e60ab0677a151c7eee4111c0269503dad38b9e36e9a7d52e540968d642612aeecaab21091a3c3795943bfcd701b51efc87ffd283a8273a4159484de4a362e29","ssdeep":"192:AXpAE6uvkjO9qzNScQt9EXi9N6y7D+AKbr2i5+q1Hj70rl7zkmt:AXX6s/9qzNIjr7cbiIRjorhJ","tlshash":"35129e54b67eeac19fa7c5ef26f093931236a77d11b1e8c3087d1ca64464930f384a1e","first_seen":"2025-09-28T21:41:24.335314Z","last_seen":"2026-06-28T23:35:08.427076Z","times_seen":8449,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/9689-39df663debcc7932.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.191Z","timestamp":1782303571191,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/9689-39df663debcc7932.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eDcpmvGtpNA%2BNuYxhQSyLlFg5ByqW5ZLilhzR0DiorZyzZfe%2BVNn%2Fmhrw9kxC8G1ftMdmRuKGYA6tjm%2BxQe%2FAtZYVtmiyPhVhXgu%2BLPXTPDENnikp2dSujIl5ccveAIvPw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 899191\r\ncf-ray: a10bae680f1056b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1462413,"size_decoded":899960,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9db46b5d4b739ec66f2a1c0b604e8f70","sha1":"c1b081fba22e6c0500021767d5a384f5464506f3","sha256":"43946234d264f14d2be22b5bed48cebf1c0283592db43db6fc888a07fd429a6e","sha512":"86e1f7a2294ad4475369395bd9e42aabac53d2a7defead470c705bfe7236d9507636842e05bd60063e952cbd2c29ff4b307afe96d76bd9e7a28c5de84e141513","ssdeep":"24576:7tPaAKapUMi69Q86f4lJay+AdFYR/QNnBKM7x5AKGE51:u7KwNhQx6I1","tlshash":"7b250135da2552fda728a4c2d58b34198ee685073fc589fcc9b6bc464fb2ace4701f90","first_seen":"2026-04-13T13:34:34.637603Z","last_seen":"2026-06-28T13:46:09.806135Z","times_seen":4364,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":107,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/landing_block1.webp","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.127Z","timestamp":1782303572127,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/landing_block1.webp HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/_next/static/css/10dffa892f034c33.css\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4KTDQZzxNO8Lda1vdf%2BPHnwL%2FLCgh7rkiX6rrY7cmrwrHQClKqtVmd4DCk0Um%2FyV3gHEBS3sTOeydetEEjVUsa7%2B6pNMOXLRqN7P3mIMS9nPEErcpAmDM%2FeUUBamAu7yqg%3D%3D\"}]}\r\ncontent-type: image/webp\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 143257\r\ncf-ray: a10bae6ddf8456b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143252,"size_decoded":144001,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1692x502, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8201728c6e2cf2db0d1c3c296e9ec4f8","sha1":"1c5b38584ae934775d0ec23c9b0ebfa494bbb8e7","sha256":"308e698488e68037d3a4648279c289467061190da02ace13bddcff1f7dfb24a0","sha512":"76993a0e63c176ce55b170cfbff41c65712a660f800904f7ee54e504e66df07343bbfe33d810cefab3d7e959046e5bcc49685c1d82259c5cbe0d30902ad16923","ssdeep":"3072:jvdXxTC52KjJbmSFgMLRAQPodctih7E4opiSOVmDjXvzV:jVVC5/mAtLRoctiREXpUUDj/zV","tlshash":"3fe313be76b10ae8a8801cdf021e48b97f355f1355ee01c67b27a68f05a3519b5cdf0a","first_seen":"2026-02-06T07:23:24.023009Z","last_seen":"2026-06-28T23:35:08.451311Z","times_seen":7326,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/greenColorDSGN/bg/stat3.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.130Z","timestamp":1782303572130,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /greenColorDSGN/bg/stat3.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eRYlo5XTwKsVXZUmHThW0isbPF0pu7Y4XMEAcj861s2KIhLCDKs4Ktl2xcN059ZZKoYvboJaDNnn%2B%2B9bsEi1FrR2Q3Bx7ggDJmCJTvLTp6Kiq%2Bihs%2BFvuectL5Q4QA4B6Q%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:04 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i\r\ncontent-length: 1945\r\ncf-ray: a10bae6ddf8756b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3827,"size_decoded":2688,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1b07edac84752d7c56e382e1f7656115","sha1":"1ab72bc6895070dc7d55c8d87d4f4f907c19c019","sha256":"979df951bda3030c2abf6f6508fa7d5914c95535e4c0ed1f20a836cf2857bcbe","sha512":"97c1a7ff703378b6ae5555c686ab628ac9387b52614d1144beb72d575391ae717a0e25c981a4de8366948338760c57c8a8c19913f1d8b37661a2e96c1496af66","ssdeep":"","tlshash":"9a81b4ef5fd402b4d889d3e7ee3214993e4360fa5a8a0d04f36cae89575585cdd1a8c3","first_seen":"2025-09-28T21:41:24.193021Z","last_seen":"2026-06-28T23:35:08.46186Z","times_seen":9702,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/global/countries/it.svg","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:32.211Z","timestamp":1782303572211,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /global/countries/it.svg HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nIvUmiFdayf6InmvVXdlL2dS4GQ8qU6P91qFAqgEXemyVSf6FF%2Fc8LVdBBRTBcBdPn%2Bm%2FCUzJGkp2WFfTRUWvW6Tk3974vYgxoZ2w%2FhbfnSgIhWNzgnRBL2lUtjj%2Bs5Ltw%3D%3D\"}]}\r\ncontent-type: image/svg+xml\r\ndate: Wed, 24 Jun 2026 12:19:32 GMT\r\nserver: cloudflare\r\nvia: 1.1 Caddy\r\nage: 327\r\npriority: u=4,i\r\nlast-modified: Wed, 24 Jun 2026 12:14:05 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\ncf-ray: a10bae6e5f8e56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":270,"size_decoded":873,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4d4f20f2f1c88447480002bbf675404a","sha1":"e4a918db17e02d130c9733d7457211389b459535","sha256":"41b974254f3dd5b0853af7585c0417998a1ffa52e97e000fe2af3eee2c916d57","sha512":"04e180d7684ab9fefd920a74433c7fdea73380c5ec2588d6174ea6c14a20bdf1ebaf250158977863fd79051cc5012e5da4b9453f88998262b5cdc1672810ad79","ssdeep":"","tlshash":"e7d02b9dd07de0c448229bb03e9e31c142962327364500daf04b271861cc3ef7e41f04","first_seen":"2023-05-08T16:47:32Z","last_seen":"2026-06-28T23:35:08.444339Z","times_seen":10938,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.heodox.com/_next/static/chunks/4310-53eb2d994601d39d.js","fqdn":"app.heodox.com","domain":"heodox.com","tld":"com"},"ip":{"addr":"172.67.205.249","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://app.heodox.com/","date":"2026-06-24T12:19:31.203Z","timestamp":1782303571203,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"heodox.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Jun 2026 19:25:57 GMT","end":"Wed, 02 Sep 2026 20:24:46 GMT"},"fingerprint":{"sha1":"59:8F:A4:F7:E5:3F:09:04:CF:A8:B0:98:E3:C9:D9:C6:D6:FC:21:A6","sha256":"FA:0E:A1:D8:37:48:BA:C9:55:73:DF:BF:86:36:C1:B9:0B:12:DC:35:6E:B6:48:55:AF:5F:22:C9:F4:9D:33:B3"}}},"request":{"raw":"GET /_next/static/chunks/4310-53eb2d994601d39d.js HTTP/1.1\r\nHost: app.heodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://app.heodox.com/\r\nCookie: landing_attr=AQmM_w9EIUdb98fPSV8kT2gylrx-95GAUZj8UL4POAtqfYjLwr8ZlQsBEvcwXmBB_DcEXJjC4tGXBf3ptASSYBGckQrIXWTGVCwN0N5GN9ValdDXmGxknibH_Ish6pdykrCnHskaD_-TQ3sVrz3LNF8iqPA-e5YmMf_6itclQnEwa1ZhPaWh0cCaNENfX-SuHo6WSs9TrMEjYTKh43HwH_VeioLDgQV6iI0CCN0uXdjIeR4\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XzqqyEy4zTZWWcYqvfqkZLuOT51xGdfiN3oE4v5JE8TOYDedW%2BuPQ%2BJzB2ol2PnbUw2fKm%2BP5440pcGO%2FamSSp5QpHBY0JdnPBFHAwWwThhI899XA19Kv8kDwE8YmrRrSw%3D%3D\"}]}\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 24 Jun 2026 12:19:31 GMT\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nvia: 1.1 Caddy\r\nage: 327\r\naccept-ranges: bytes\r\nlast-modified: Wed, 24 Jun 2026 12:14:03 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-length: 46835\r\ncf-ray: a10bae680f1d56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":241653,"size_decoded":47599,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (39028), with no line terminators","md5":"1cf0afc09bb69320084b8de536c82c15","sha1":"b366ac3a2df29aa97110376475fc08e2b310e168","sha256":"5f6628bec7be06e9879a734589c7ccc242657acecd391f739a86d88f2597b1ee","sha512":"cb32c35ceec0ed7c3b0cbb53eef1a7754053eb228fbc9c1aff2abc56eff7aeccbac081b3fa583f2ebf3ba836f3ea808e269b380636f9fb04b3c887f425900bc3","ssdeep":"3072:PSHoE3ssKaFRWxTDF0+uoWTr/9CPxZi2rbG/r0mJo46W6E9bVWqnEbvY:wb","tlshash":"b734370cd7bdf3f51eec389e36490c3bd5a9763093a5426688d0b7eb5485cf400aa79a","first_seen":"2026-04-13T13:34:34.704197Z","last_seen":"2026-06-28T13:46:09.818709Z","times_seen":4365,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-24","alert":"Phishing Block","trigger":"app.heodox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-24","alert":"Sinkholed","trigger":"app.heodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}