{"report_id":"fda03ef6-0242-4c10-80d3-d0091b93dce9","version":6,"status":"done","tags":[],"date":"2026-04-04T22:14:51Z","url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"104.21.44.13","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"title":"Herotox: Most Popular Online Crypto Casino Based on Blockchain","dom":{"size":44871,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (44871), with no line terminators","md5":"e105152f695fbe7b5c1692ff6ad0a44f","sha1":"7bb6ad0350806f664832ad4034f83b3495c9f2df","sha256":"4beaba44bbb42be79d4eb23d76e62d5c22944b3c00871dd139fe62a709f54d40","sha512":"a304a876450608e151bb1ac1c1e2301c39551a7238ea388c155737a7d395743d208873fe46d2e4e7a8f52205f07cb36b7f1e7a1863cf76857e4e7a9ea9437f38","ssdeep":"768:U7/t2uBv94BhhPhleMeDGCSPxeeWmHF0p0rCQiOf6pMK:0vqOGpxFWA0p0rTG","tlshash":"b6133b7aa520da26a8928fdcc5391d38658fc1bbc795c4b4e38cdf4421c2cfd9b558c6","dom_hash":"domhash6c8d2354e092706b0b8b76f7d5a2b31a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"104.21.44.13","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-09T22:14:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"herotox.com","ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-28","domain_rank":0,"first_seen":"2026-04-04T22:14:56.219365Z","last_seen":"2026-04-04T22:14:56.219365Z","alert_count":114,"request_count":57,"received_data":8329621,"sent_data":25664,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d4f58df8ef556437633bb90cc31469c4","sha1":"c1c713bb5046a54cb79a8e7537b6d7fca624fd45","sha256":"2dcb2e50c883929aebb7a64a7a22cfe2260d856a3c36a6926c082da19c552b7b","sha512":"54c8a79f5897cd198db689700c24f950ad7fe19eed815f8bfa0e47428701d8c84a1fd8f677a6f1b2a4f1443f35f2dbd19e6f456ceeebfb1c59275bb356e1a5e9","ssdeep":"","tlshash":"bfc02b041427c47b421c6f4dc02243d4e4b020bcdc492480801d181800d0c313b40cd6","size":130,"data":"","first_seen":"2025-03-25T18:26:20.414558Z","last_seen":"2026-04-08T06:28:06.876495Z","times_seen":22171,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a6e1178e4bbf5730bd664a49dd3bc24","sha1":"17c3ae3273f9de6afbbdedf2e413dbb3a6722792","sha256":"3814cddd18b2095e01abb745a99e5ada90178e709c09879324c3b623f2d829ea","sha512":"cfb1aab0bf589e33fd12906f448ddbbf7163420a088de513b174304c9ba3a7abcd9b41c98bc4dd51edd0206c1fe4660db9857e3c6163d1bf50c670cefddee509","ssdeep":"","tlshash":"de9002b090c39c5890264186687100160b6c040c01080141132184d810115048e40d8e","size":43,"data":"","first_seen":"2023-03-13T01:07:12Z","last_seen":"2026-04-08T06:39:29.062289Z","times_seen":83239,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/58172-2e2ad5efca352ade.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a9784916761bd2bbc76012952021d42d","sha1":"253cf85cec6b9a53b449d758e2d542a9a182bc23","sha256":"c0b7563919543117a0168d95e03a8812821df1f79a8bf094dadda24536660d92","sha512":"54d0abe66c6ec80868c406f1838ff8760bcae6758bd406c57e29d3ae842812ffb81cb315706c46e5d6a26e8bb80c7b1fc2787d02e360d635ebf22aad6c3c7431","ssdeep":"384:H74ml/FeOUGcg70p+tlof7VCEv/f2rVdVOmo778U/eWJV+o6:b4mldXUGZ0p+tl8VCEv32rVPOmg8UWWo","tlshash":"cb62a6d12b10495d3583ce7aca363929f2ef69ba393d57401168cb3cfd18ad4e6361e8","size":15156,"data":"","first_seen":"2025-09-13T11:18:32.621492Z","last_seen":"2026-04-08T04:44:39.471245Z","times_seen":7564,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/53069-bc2f18ad589424b8.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ac63d555d472d97361e7af9bddf4756","sha1":"108e0e7b0303859d0d98f7d0a1651850d0c22b4f","sha256":"d5eb992a55bad29d07e2a4bf1ff73acb9d0b7e8b7ce0c8c709a58dd0f382758a","sha512":"43792b7bc72c98045ab4a64b38a76dd0a274f084a0e35bc7d9e82ccb4618d253de588106e8ff0a43dec60c95572e51626c8eec123901d02ed3f7202443fc847a","ssdeep":"768:9VFYbM3fiNkuGxL2umLBbPEOSQ7Lhkd+0xiFxVuxMgCIw/A33SUYq31kBVVLLEhx:TniNkDe52eh/oVkZL9DxFW0MSdUTB","tlshash":"48131a88533593e8f1c0a5f8d217649cfeae6aa4e741c470d3b16e11a0c78dc7a66ec7","size":44316,"data":"","first_seen":"2026-02-18T15:06:32.952144Z","last_seen":"2026-04-07T11:21:23.375956Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/92148-6f19ac7166461fa8.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c6501be806cf1fdae07f7147e6e32ed9","sha1":"b46315e1e07d5c32e6f2185e25c453902013fa4c","sha256":"e897f0138e8011ec20fdf4ac0b924c9d3edcae74328a9700f502563b25897bd3","sha512":"9fb4560bfb3491d7afc719f71260e56dc3a2bf71d2c1104251901c02eaf7a2d0a9d249d90b51e3831ce7b66e7ef81603dcee6c97900ffcffc51b8e244493e1d9","ssdeep":"384:DLZQxW+19Vd6J4FU0Zs1Th/ndpRqgG4gjbI3/ovs2GK/sYp3wm7GjUWybgAKJ7r2:JQE+buJZ0y15dpRk4y+gt7/sml7GAFsg","tlshash":"b482d89da3e6a5e8f003e3f8835bd8353aa72df57912cc145beaac21d51109cb4a5cc7","size":18801,"data":"","first_seen":"2025-11-16T06:53:31.12293Z","last_seen":"2026-04-08T04:44:39.446778Z","times_seen":7067,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/84382-2482953330b0a166.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf0370158146d04d6a4bb30991fd0a84","sha1":"aaffd0132b3b381a850a2577f1f1a2a913b54738","sha256":"4eaf627ccf85a218c108a0372cc8bbf12e564560bfe3aa4c6fa8724bd89c4e49","sha512":"f40f16781a65f08638674afd1f5ef2c099fafb448e34371ac425592711c616125517b599c50fe2c873a5cc2e20398b62b1f25f481efec5b3ef560093fb2f8330","ssdeep":"1536:atXQ7jwm9SM1ekDl8wzCBK2v3nwnVvZxy:uQ7jwK6kDl8wzCBnvgnVK","tlshash":"f543b409c5d8dbf45b7e2fbcd5a9d1c7ea333369a0712eda6752c8a0174928c712082f","size":58996,"data":"","first_seen":"2026-04-04T22:14:59.472328Z","last_seen":"2026-04-04T22:14:59.472328Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"21a1fb3ffdedf370d56900b799ca134f","sha1":"fbb1602baa144b4f0504d6be7c1d76f5c667ef06","sha256":"c48ba503c990c64fe39c6426c9290e5db39d861c5039152ffd20c5728e7c5c5d","sha512":"b02af67a53429ed1d2f2f4d62de76afa0b93fa93e62c2c067c3eb2992f37f551b47e1b06820dbd88e4b83c24c9fd4e6cad528295092cca1a9ad8a137de405462","ssdeep":"","tlshash":"e241540f7249e8967cb2de1b51332f36d88ddcb74239e16ce60de9ab064297e830c915","size":2246,"data":"","first_seen":"2026-04-01T07:30:57.212802Z","last_seen":"2026-04-08T04:44:39.473624Z","times_seen":463,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/webpack-6209289b887f51dd.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"03d3306bbf7b7f334abe4763d979e9eb","sha1":"0b4180018d60d24eebd16915c25177a44c58a4d6","sha256":"dd5320fdddfc901e0964cd68d3bc649455c4b9190de6963aa556e7f714c4fac3","sha512":"146126b3aacbe737237e2450d0a5af272d8ad8420c2e17f451fa29b55051a4199c9af809cbac7dcc51120fd1d148d8e5c6b95a99052fd3bcc740f75e9088dfcf","ssdeep":"768:++ybMHFdgJVhQskYzZumragyk/TlZeCPuLhO7/outNOPUhMfcJJi:0bMlarpLVNragnZsCChODouWcMSJi","tlshash":"5cc23abdb31cecee3c3005c2ac5624f46914b1227c4648d171dae77a04b6c79a76afa6","size":26723,"data":"","first_seen":"2026-04-01T07:30:57.1816Z","last_seen":"2026-04-08T04:44:39.463582Z","times_seen":466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"57d0c8cb2e0a7cc78b95257bdfa57fb8","sha1":"2bded12f6d2876666ea5814218612c758b9a9336","sha256":"61411085fb58ee9c2311747e92565a053648706ae24ba96c93a7428dafdadd74","sha512":"b22b27bcd3a34dca5238fe34b9a11b571a86b8c80348717edee352432e387480327c47fc07250634b5d7cbbdd48f1df9f5511473a0d2705d407406b62acbd920","ssdeep":"","tlshash":"d0018f4ef505f8556d31ce2b052a1f35d488c9bb43b8806cf29cf9e74112a7d0348d81","size":685,"data":"","first_seen":"2026-04-01T07:30:57.214219Z","last_seen":"2026-04-08T04:44:39.474439Z","times_seen":463,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a80d28b9f45f9ddbafaead10c3837209","sha1":"c8c96267151f02459db95b731c2eb18708c77f5b","sha256":"7277dd574b52e3d22b7e851ce99907f58087e8b047ed6f614a42697389c103c5","sha512":"0995d3730e3bf19b3c4cb7d277dd985366113b1b691d68291bc83e1e5deba69152e793161eb72b43b2d3cd74dfb805dc220e8d24c9383b4349bf94638f5e6825","ssdeep":"48:LZSxbQVoWnnBn6V0G4cKNC/lyUnBn6N/y2zp75LKNeYEn8bNG4NKKb:LYgBmH4foEa8/zp1uXEn+44MS","tlshash":"7f91d01e6805cd0bdc7e7d69023e9d36a4cccebb47619af4818ecf581a0a47527e9c91","size":4231,"data":"","first_seen":"2026-04-01T08:42:58.264194Z","last_seen":"2026-04-08T04:44:39.476736Z","times_seen":346,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/36860-0a9464d566324679.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ebed528d50f9e0657df76bf19dbe2ebf","sha1":"a745c8cac0f897a2e288bc643ba629bb89df2609","sha256":"f4ff2580f3ef611ca05990dcb937f89c700e24833b675e4039f569f79cc4da76","sha512":"8d0b8b70fcb7c71739ed7ed80ac98ec09aeaa478324288358e4c3f9622198dff8ed0d43a17e35e02c00537fe4d11c8d68a1fc9a60548aece0b1489ef3d3da6fd","ssdeep":"384:5mkM82Xy7PBRB7/z06STNN8txdOTTpPNUp0icpUAHEvDBUgf99Kxe2/KtyTnVfdA:UkU2fzuT778bwq5mL7TY","tlshash":"8092492b68365877a6d7bc748cae504c596fd24ba329089e773cef7404871ac394b3c9","size":19669,"data":"","first_seen":"2026-02-06T03:10:14.100987Z","last_seen":"2026-04-08T04:44:39.450171Z","times_seen":4090,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/dc112a36-4dd9553e3950a789.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b0312e3e2ff7226227ee081f6693db1","sha1":"823c7003795d9623f8992900a6f337f599bb7eda","sha256":"dccd0125f7ca7c6c5f3f8ae7d813743257cb55899fcab2d63b70fdf06b2a05e2","sha512":"612eb966b9409ee719588a9f82170d4d6c9b5c075b85981a1ac0dc0fb8119997de7f6a139ba2908d7ccfe0ab342f452e39ca15ec3d9fafdc1c2a7d36cda06d87","ssdeep":"3072:Hbyz4KjrqQmINGbpJGDc0Lf1c/X6Rpbdt0myoQj7sOU1IMi9wD5yojt:HijOQmINGbpJGDc0Lf1c/qD0erI5BEt","tlshash":"295419597254343805c540a9906f094bf736292e246ac49cb36cf4efa8bdecd31beb79","size":305838,"data":"","first_seen":"2025-07-19T01:07:13.417114Z","last_seen":"2026-04-08T04:44:39.432394Z","times_seen":7614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/39801.084c1265ceab40f6.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"938a092ea2cdcaeae93ee6b6fd784f5d","sha1":"204510eb11b94c92302c6c311741622a1b09ed72","sha256":"7ed47e76a0f733ab1ebaf59b88ef5d3a6a671bf8c1af48ec74cd9cf01377fc7d","sha512":"e30fe668cf899f5e6aa789cbcd1cba95248be44ec02966e22bcb4cef06200e6d8c5fd243415b0d30cf697572bf5ea6b0d51a7142fa45ccdeac9678688efa8a48","ssdeep":"3072:pRrcfJstYNwTXVN16F+ZbBiliiyXnbAlHq:ostY5GAGbAQ","tlshash":"b9b3f80f420813f22f921202369f69deb72f515563668d6578edd03c234e9e9a23bbdd","size":108722,"data":"","first_seen":"2026-03-07T05:32:19.784979Z","last_seen":"2026-04-08T04:44:39.443898Z","times_seen":530,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ea234252cf1b2b586dc3769b37731f4","sha1":"8c7da62134c910ecd2109f07c52fc5efc49c1bdf","sha256":"f3969143ccfd1630eb2125e22ae9498f34a160a82856948fb0b413aaf0485844","sha512":"090555a54b1438d84fd8a7e4623d5c5014da7d9fdf385f780fc7922aa2914b2e4d74bbf38f9a46cbaf13bc26575bed2b6d1017ea885c75fb3cd4fc5c5cbb5d31","ssdeep":"","tlshash":"ead05e29a044dda6ec2e7956183dbe3b209d608f4498dea466c4ce284992a3a3342dd6","size":252,"data":"","first_seen":"2025-07-07T02:40:27.405169Z","last_seen":"2026-04-08T04:44:39.477586Z","times_seen":7159,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"336ecd728aed34847fe284a71a7633c8","sha1":"a44bbef2d7c610fac04b162558fbf8067bbf19c1","sha256":"298a83badcb2a2143eb6a35e2e5a3c9434d72df7ed059affe563666e94be8d49","sha512":"da1c0a1f4eca0e9698dd2642bdca47431095ccbed7fae407b56425b390c721fe7f16beee5fbd6b09d5655f1aede3cc59b123a51ff7818eec82daea4e2a286e8a","ssdeep":"","tlshash":"f2800470c4400c15c031545334747105017d400d000007005350d74450531055d07dcf","size":34,"data":"","first_seen":"2023-10-13T21:48:36Z","last_seen":"2026-04-08T04:44:39.478494Z","times_seen":7864,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e40895f7fb0de70293369d8a10140dd","sha1":"93abebd7b0c60f5caa53a7e548b8974e81f3457c","sha256":"226dfb7ba8f5754d074dc64989ceb6bdb461f2f73bf0007a79a0aec7c92fe3ed","sha512":"94da220f08824723ff91b69d41c18fd55133919d6874e33f6cefcaf4b5c34b7b90fee566deb0dbdef95e51bdb3435a552f4730a11e21cce57da2bdfc16f97e2f","ssdeep":"","tlshash":"03d02b91dc13dc0dc3970f25183f1c3d31cec6641205924be884c97c5981e3409f0dc6","size":277,"data":"","first_seen":"2025-12-05T05:01:35.766262Z","last_seen":"2026-04-08T04:44:39.479384Z","times_seen":5219,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/67369-222f9a02bd61134d.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2d0f562c7d0aa123fc3b9110ba41409","sha1":"f8bb86ad9fcaaa9e6ba32d21119269d241b07992","sha256":"d814d64b251229e3895cc3d5c3c489f46e7a104b067562ca5512cfb197a2c9fa","sha512":"8b59f7093d20c00b2f06ef065a8429b308c7e09c88ac86f78afe14cf0fdf667b6c3e9b87153d14b690112863830a4ce309b2a88d55eb5f665aaca41133a7b57b","ssdeep":"24576:sNgvIh/V45VPyzLW3fx2/cp6lKxivBIVV/7x6XomFnoMBnxBqym/cpXlKxUvBIVh:V4G5q3/eIGYo6Ymk/eVGGo6YmC4MOqZ","tlshash":"a636931c8b6601fdaf586d81ca4770658fe286536fd789fc9abb7e104bb069f0301e61","size":4883419,"data":"","first_seen":"2025-12-13T06:46:52.602302Z","last_seen":"2026-04-08T04:44:39.475902Z","times_seen":6624,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/51096.d5d2efd398115952.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e3c132e70a3cf169a2eca9d5a55ebabe","sha1":"b4ca48271ad20555f17c11a3e9b0acd351771222","sha256":"a756eb284f53f6210c994a6890be5af55389875c0baf7789c9bc5e555bb69f5c","sha512":"e24b666010f17d7bb5c49ca0686faf3670ebb34d1139918c87b98e22274e9951a46fc21dfad095ca07f6775ef978e8640f3b16f237dd7aac4f35cec9147476a9","ssdeep":"768:bt7hsk89UGTrNgELQFENRIP4TVNUuXCEth:bt9sk89lTxTQ4IP4JauXph","tlshash":"41f2d80f460c22f13b9711423e9e1add776d65147712c87db9aa816d338c8d9a23bbec","size":35333,"data":"","first_seen":"2026-03-07T05:32:19.757389Z","last_seen":"2026-04-08T04:44:39.445819Z","times_seen":673,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/(auth)/layout-2f72bfb00bd0ee9b.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eeb148fc570d2378a9f4fb4cef9277e8","sha1":"f15bcc479e6192f1c27e2c50e9957c34d69e1dc6","sha256":"28e0352c26286fc5b9430539a76f6e36d0f8ade3679fef2b830ed3805fb8b690","sha512":"0d5e4e9dc24973836af109e4586ee36dfa759ed54863e94049c0c21323043a57cc61354a7d5016b098e269eaabf1fe4be8e76ac9b487c6fe54177f0e396d92c5","ssdeep":"96:XZ8Q2TeV9GCuyzz3qZqCLXx29Hn5G9UV3aQ+7XCrUBTCUBTVy19GCOsY89GC4b6:p8Q2TeCtiz3Xqx29o92d+7XCrUIUvV3g","tlshash":"70c1a5b7b6c5fdb2565688d088378207ba503d37205fb480a7facce53169dca44d1f8a","size":5634,"data":"","first_seen":"2025-09-26T22:32:24.049018Z","last_seen":"2026-04-08T04:44:39.435129Z","times_seen":7569,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/58733-c5eff74fea05461f.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"608213cbae5946f55bcf6e3e236643d8","sha1":"e6181592f15a748e4b0e3a86966dc1cfb5d508e5","sha256":"dbbc5742780c4bcf13e1aa6afe878f0beb77154dda969c40b074b762a7afbbdc","sha512":"22e77044234d9e0b1b4cfa606b0cb04a83d7492edd1392a1880a984adbc4742f98397845f91d4a09f49e0ff4be85d190e7857113b818a5125c39ecd965504cc5","ssdeep":"384:7ry4eoKi6rba2BN4eofEPu2jQi/Q8nTREBJ6F5ACxKv82wfLba2B44eowGJdba22:7DHiG2Bkeu2ZQ8T6BJ6F5ENwDG2BZhJ8","tlshash":"498286e5e3ca73d0e10af7e44116943c3b6b21fe2b36cf584b9badb0a61549c654adc0","size":18872,"data":"","first_seen":"2025-12-05T05:01:35.743711Z","last_seen":"2026-04-08T04:44:39.427778Z","times_seen":6980,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/not-found-fc9e14ca8a12ea1e.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"513754cfa2d91f1f4ec59f666e8e64f1","sha1":"e7c65abc2aba2a3b2a34ca6c818188dd6dee9d16","sha256":"caeb37f0127a0aa35cb44554fe861ad9f79f13b433a04e4ea1836634df96d2a4","sha512":"37d0d55820bad028c997def5d851dfb42121d285462bc8952db7b1182ea060a0a0f4ea6a3fe546a78d8f2ea423f307b305ec0c69ceea3cf14e801159bd669e75","ssdeep":"1536:k8cwg5kif2aMaiR6HKf0x0XEdw/BvD7/a9yOAS:mdw/0","tlshash":"3c4374ed5bb009cda88896ea7f0610bc373e41bab46d8928ed0d5d38a0418d5fe17fd5","size":57585,"data":"","first_seen":"2026-03-07T05:32:19.76343Z","last_seen":"2026-04-08T04:44:39.439776Z","times_seen":676,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/4bd1b696-ad7506e6ce5b48e8.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"15510eac41ab1d5ef4d07adf66470336","sha1":"af7eb0a2168918b5999e83b71a10ba52809f38df","sha256":"e5b9e2570593ab1e59ae6a397baec8491e4c3d5e4628aa1439940ac0e2aee2fe","sha512":"116e3ef82cb1608f729f9731bf3ba61a1a75624fec0adf57d0536e5f7e1abae6c939e93af5bbde399079cc1634b5ffda250a76f08571d2e30c88eceecd05b22a","ssdeep":"3072:btfjLiM+NFCC4YQbCCAaI/02UHCgwLRE4:btfj2ld4Y40fUHQRE4","tlshash":"0df3f7e83d99e2116eb342a7109f2803737c262b240d4c60a615fd9db5b845bb17bfde","size":168420,"data":"","first_seen":"2025-06-09T17:09:55.347659Z","last_seen":"2026-04-08T04:44:39.464442Z","times_seen":7625,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/73345-c6c417d67f761339.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb597de485c3029dc93b6f3225acc0d7","sha1":"d3a6bc9d6749ea9f0ddd1b1862c90303f3ec3254","sha256":"3513d69dd757c29044eb92ab6a908ba6755e0845c38105ab2e196b0c75b96583","sha512":"1420716788ac11ed76547147942bdf2329c1bcfe8770745c3bbce32f99ca5c5866e20253ced9e0ebc4597003f7404825de2b601f8d24b5c2fce1125eadf0ad63","ssdeep":"6144:bV5sFqdfuGDdF0pL8sS65eILs3QKQmiOB0lDz:bispi9mVB0lP","tlshash":"ef644a9c7682b474939b016a807f0107f37e2d57240e4824f270d9ee7975e99a2b7fb8","size":325834,"data":"","first_seen":"2025-10-16T04:05:32.880573Z","last_seen":"2026-04-08T04:44:39.467135Z","times_seen":7524,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/global/twq.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","size":308,"data":"","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-04-08T04:44:39.442652Z","times_seen":9412,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/57796.e45f39755a070442.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c24306889c066a0c6e45e5a719c217c8","sha1":"fcd9fec48774760225baf46e9b68349387190355","sha256":"54e16bb637371774001af0da9b7ef97c3ea54ed0a6d11d16a0fda0dea88b2cc1","sha512":"9447144ce13d74d63f080b3c10dafc8c0b37511d48498169ee13ab0f8bb21994e2f347f8d4deb66e92f9c409a1adfaec9636ab2a652de003415a7d10651ad7b3","ssdeep":"384:kuqCrrJ7sA6MdMuADbY/7lpbCWU4/RZRY+BJDnYDE0ycob034x3SUQXuzeAL6HxW:7F7sA6WXAInWg5rYMlYzyq4tYdlyBp","tlshash":"a7e2d70f430423b12b9212053f9e18dd772e916573128d5ab9ba916c334e9dab23bbd9","size":32589,"data":"","first_seen":"2026-03-07T05:32:19.77685Z","last_seen":"2026-04-08T04:44:39.420596Z","times_seen":673,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/56060-72611dc1ca384f99.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6685f1c3cdf6f0d1227ab2b5af23a056","sha1":"491d91380ba5da6dcd5027bd954e6fe11103b18b","sha256":"237ff25124f0ca73e06c9e1d59caadd016273fa9b5b6bf211c991cc8d34d1b92","sha512":"6667f2ba323afce441aa6e23fdcb8504dfeda05286da37d594827c605042ba88ddd7bc5c6ec9565109d4a0ad4ddc9f8cdde4ca22cbb9eb8122b85ba04bf1d0b2","ssdeep":"192:/ztywjuim2pZQizyySL4tLg6SpiQhQ+YmzSRAz21OfsuAAuaSXCfb+e:/z9juim2xWySL4W6STYmzSRA61gEC5","tlshash":"4622ea847260793e1547866fd1be5516f27a292e382ed25433b9c83cfd21ac85336bec","size":10031,"data":"","first_seen":"2025-10-16T04:05:32.850927Z","last_seen":"2026-04-08T04:44:39.469556Z","times_seen":7527,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/53090-a64743b05c92b22e.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"15925877203605d5f2355beb36d57347","sha1":"17da103edacb7e181adbf9304938d039a200c1d7","sha256":"a986f72fb7dc330235296b864ba0f244f1126b2eff777b8a13ae36875dc96157","sha512":"ad516778c2e0dcaa482b03f5ab7a44fea87ce340ae85aba921277db245d9e6c5a49f70a27eeb99b6bef662c873647590edc83e75c63116c4e456045245b91568","ssdeep":"384:hC/SLOZgztFl6pfisYkxdZEAXtwdt4DvWmV9PvTLsb6r7/:Y/SCZ4Fl6pfisYyZEhdt4yIWbU/","tlshash":"0862c6e0d362fad8ed6785d5f12ea906b11f2f988b19c074f6b85c2053181c4ba27b9d","size":15666,"data":"","first_seen":"2025-10-16T04:05:32.826709Z","last_seen":"2026-04-08T04:44:39.444934Z","times_seen":5802,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/31684-5738d0dfaad74be8.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"338198f53e9ab0bb77a7fc2f057a8540","sha1":"78e8deb3e3e2703d617dfbcbfca2e893eb3cee92","sha256":"d3844f2db215d099728ef83a3b5cb3cb82279b669b231f54d2cdbbd958949f1d","sha512":"62ba9ce051e6974c6c74745a4ce6b49badc145041893b048ef42f09f979d0e579928ff78b7aa8abe587c73799a890c26703566918003494a9d1a3062ac019889","ssdeep":"1536:3Hk+1qVc+dJWgclHHlU0ob8OeM8aZLoEAEuRaQ3aTcXH10nZ6XEL4ZXEoFUOnN/e:VqW+dJW9QAMiEuV36XZmUON/e","tlshash":"8b04b8b676d0f89107a780d5843b400af3395c3b146f74a0a3e6cce975645dea1b3faa","size":176077,"data":"","first_seen":"2025-12-07T14:40:32.389468Z","last_seen":"2026-04-08T04:44:39.466388Z","times_seen":7007,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/main-app-fef4a8898ec7782a.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c06acc17c28c2888a1a2466b0a0d12d8","sha1":"63d7278ad805cf6b27e6fb76daee100f7cc61afc","sha256":"90a949795e63ad10200d2f57df2706979fd66bd412caea2130a9c707e21c5d5b","sha512":"745f5cba8c1f8c006b2d9a1f8ec15fe3e66d7909766f446755243e1b63aa4d611233d9fa175bc9001bcbce4a4a782e79feb80846ba96f394b38c1ed2b1f3c2bc","ssdeep":"","tlshash":"f5f0fba55f0df42f5d266e74fd97ace2184f4275206b4e647d01dda23c67b6cd260408","size":537,"data":"","first_seen":"2025-09-13T11:18:32.65005Z","last_seen":"2026-04-08T04:44:39.423477Z","times_seen":7606,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/global-error-2870bfd8a75981b3.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9a1f9739cea566209a5d97cd6bbdf58","sha1":"23d3e0b04f270abae4738cd56edf40dcba207c94","sha256":"94bc684465b19b338426f3f47ee0f7e3f162dc01138340a20c4ab9bba9258120","sha512":"082430a5d2b35da80f04382cf4afd243fa7ae0ff20527605b3a62e183f53af51f96b7e8107985516c4834babd69fa7fb485b6e43def1c9b4d4347d54ae5fce94","ssdeep":"","tlshash":"8cd02bc51191bea874165aa955b4c835304510f7302ddcdee713ee2108a25a00351c0d","size":257,"data":"","first_seen":"2026-03-07T05:32:19.751926Z","last_seen":"2026-04-08T04:44:39.46795Z","times_seen":676,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/63712-08d55a4030f898f7.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"614fe7514839a09db165d48ad01da840","sha1":"e492263f454db98a8cc2c89c777e5572e854e343","sha256":"4974bda3ce7194ae592697daaccd424e6e8e231bf15187182bf4d16522e9bffb","sha512":"7eee15e6bce48c5b1adfc53ecfd7492109fa6272d866622f055b91ccc80e8bb4e9fdc350413cf4282d6b85b13fa72188cc51445cf6eafb6167d149ad45af1b8d","ssdeep":"384:RSHQzwzI46bFWDyhQ1qqo5W6m4WIQgn1fy4GaQANJVOPe4+snOcT34McbAmrh/2:/dZsunDqNs/AFD","tlshash":"1aa2b449b9d1f47453a3aa51843f440bf2674ea8a05db8d8d367c9e5adb888e4073f3c","size":22721,"data":"","first_seen":"2025-09-13T11:18:32.286663Z","last_seen":"2026-04-08T04:44:39.438431Z","times_seen":7559,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/34230-e87c8d35c9fa1ab6.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b4900ae7910372c39f90a4ebc702603","sha1":"9a24a588c269ce9c3f57345c32fc19f6681dbc0b","sha256":"09f6962b4e78defeacf0013f19bf739d5427801904333b19f9ab4cf541db3440","sha512":"4a02c00c407ec0eee649e22031775550a2e27fd675d23235783ec11d04efda2480a219e318fbba5739af05b0bd575f5d6d94a5a5dd2db29a03b891b9ba3069d4","ssdeep":"384:05ae/t9qDM109qxJ7aPk9RqKIyoIPzM73I/AKIJ1L/7E48z/08zXvnL5/Tz7qt5V:veVwDM10wxJMKIKIy6IzIj/9KcKN/POB","tlshash":"b5a272c9a390993d2583c53fc635b426e2bf09fa753e534062a9c63df909cc4e7365a8","size":23047,"data":"","first_seen":"2025-10-16T04:05:32.834372Z","last_seen":"2026-04-08T04:44:39.430621Z","times_seen":7493,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/58211-d9d578b8de9e3293.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7d84948f8ca0ff495e7533d0969b670","sha1":"3330c776cfbb7ea04d30b89a9686eaea35f24747","sha256":"2180eecb87df810a0f91771ce87e9c4f6e185e9011d00147eef0ca9c7ed750c1","sha512":"04a5f0711a52dd8bcfe0ea6d66662ed5e0a8610c8caffe461a8c8178f8f40e55b4c40c7ea11716a7dce1631534f5e22f9c5d86393e31835bcc686e4aa6254c85","ssdeep":"768:01KE8vZ7HInPlFvvb5AvexGRrxVP1fr4UK1fWbqYsCL1fZnK+jBV9YCO:0voWV","tlshash":"f20399866740a83d2587c16fd63a6415f3bf14ebb92f9390219aca3cf506dc0f5365e8","size":39725,"data":"","first_seen":"2025-10-16T04:05:32.927959Z","last_seen":"2026-04-08T04:44:39.470354Z","times_seen":7492,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4dc69cb7dcfcdc192f7639387c257d94","sha1":"1d370c913c6e7bc50274586b6da113acf6677251","sha256":"b82b8c015b602e83678d281eeb50b0b3c64b5f773c00d692865344f87b49dba1","sha512":"ad36c73f661a62b364be0ed6d845b64e0b634bd20f01facf1e613442e3f73dc0f5c6fa39aa5fb703b8ab0224b3cae6c9e8521d4faa395c39b8f6cb68859b7eb8","ssdeep":"","tlshash":"34f0d373ac10ee0286b15f141839cda070cc8a6a81401799aa64cd1f198f13dddb3d82","size":630,"data":"","first_seen":"2026-04-04T22:14:59.488769Z","last_seen":"2026-04-04T22:14:59.488769Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/global/fbq.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","size":408,"data":"","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-04-08T04:44:39.468811Z","times_seen":9415,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/44638-22642ed4434648b0.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d0cfae03cd8f321178546f3d44bdf0b","sha1":"d952755162717e7ffadd30a573f4691a19b643c4","sha256":"a80e2f887fe98f5dd1f607d951147f5de620031519c6419ed1fb86e7b6621686","sha512":"56bf305f3b03e0fe79351d4cbfe166bc57557cdd91f72f22b3e967109e1a6f898528a59e5277c857fb69b465ddefaad1e500469821adc64dd225d1ada5986532","ssdeep":"192:e2weKRHbhH/3MO/Y0HURLDJYvYgcn/rNfI21OYR5ZAGPnSwpgy4jdzhJvkC05:/wd/MRLDJGAnjNfF1NVSJZ9y","tlshash":"00123c90b150797613678a62e1ff0706b33b845a5c1f84acb5b488456771e8e01fff9e","size":9855,"data":"","first_seen":"2026-03-07T05:32:19.773264Z","last_seen":"2026-04-08T04:44:39.433189Z","times_seen":676,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/layout-414e3e65ac0c109b.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"31bf7da340caaab71de15d64a27ec6db","sha1":"479c846f55add344f763d3adfefb59d61bb51d6a","sha256":"d49c9da60d9168713bc121bc70e422cf98db8b906e3a043578acdb3fa73c80c2","sha512":"42fb8511d17ae056c5d5396127833884a246b7cbf28a62ba03ceec38ddde6940ee8d310405c0047ced20b7c383f183c8dd1757670d06e82f28f16689bfc588a5","ssdeep":"192:lTUQUBoSCqdxpNRDvf31/wZbMdyeTJzTF5zb6:lTXUyclNloDeTJzTTm","tlshash":"4f22c711b484fc6d0be3c89c9cafca08d16e1b16d8a8847f9f1dd62910b295df175b17","size":10497,"data":"","first_seen":"2026-04-04T22:14:59.471226Z","last_seen":"2026-04-04T22:14:59.471226Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/53331-cafd9ec77f422f5b.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ffc2a9646f640ee24bec96371d8896d5","sha1":"43fb84011d63dd3ee53c4c5a6ed7bee651bc780b","sha256":"ee75b3f83f6bb1fe59b15f18a040463973036c403110a597b3e77b659b240fc9","sha512":"19765f02ce6babd708e5a582fce2a697188168486b56c78f66d75c7ad4d29e02371f839d2b967fa8094e949f2fa6de2e478d24e24b3150f0eb404dcef6fe63f6","ssdeep":"384:/bEM6MGSQhbWOoOSQ6b82p7X4WsIBcf9CkSfA9CM3ORBq5T25iaTuJ8jFNDtv/LO:/L67hSOoe6h7X4WsIBu9CkoA9CM3OTq1","tlshash":"63b2d7e993f4b6e0a006e3f8d607a8793a6e19fd7b32c95893d95c20c5910dc266ddc3","size":23606,"data":"","first_seen":"2025-09-13T11:18:32.113392Z","last_seen":"2026-04-08T04:44:39.425213Z","times_seen":7556,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/73943-1d520689248da833.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"64fdc139b6af1827fd601b07f4d24c93","sha1":"f5334e0e066e0af0988c94df23bf183f2778065e","sha256":"b361383c57269bca223d9ea22ec134e581daeac429aafdc1f552ca59ee874427","sha512":"0837b4c6708be4cb7ebc64fc988ead1ca13ab4eab7236451be56a9fb14b1de983d427230ec1a4e3bab1d95229b6ebfaf2f31ac9893d1a5553802d6e3d35741b3","ssdeep":"768:T5poCFrHcJfP4gFxZePqxkKZoesmsb4xvH+k+BtJ+cIDGQwJ9IEH6HxHRzZASR/0:TALhZLD+tPIRA","tlshash":"a34383dd4bb019cd6dc49ae9bf0600bc363e92bab069882ced4d4d3850458d9fe1bbd5","size":55294,"data":"","first_seen":"2026-03-28T13:42:32.426354Z","last_seen":"2026-04-08T04:44:39.453294Z","times_seen":362,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/(landing)/page-e7fe8e8ad23b29ea.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"28174b0bb3133185e1766201bfc0572a","sha1":"7432dd8fa09bb7cad29cec5ba4edd76a9d4e70a9","sha256":"a3b166f8ecffc3fb415187e2ae95e08bb0cc0e523b4111db92aa8fdf2873027b","sha512":"51d525ebdb1dad93f0cf15f77f8ece679054e7d6b3ca88f675fc645bc532a2354e759a4e0419fd5b95eb03659a3159e8f460e73b29dd8e0de44fc64c2ae9d8b8","ssdeep":"384:+Saddq55XGydqhFoSObqu7zYOJV56Jchz:+Sqk5WWWoSObqQJV5hhz","tlshash":"0662a741e254daacf45394adc32ea03d326f2599d65e8570f8fd9c3461094c8fb2bbac","size":15195,"data":"","first_seen":"2026-03-07T17:34:33.362129Z","last_seen":"2026-04-08T04:44:39.45741Z","times_seen":189,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/82849-35d68a185f8daedd.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d8603d8e0135f562bf9ab67325e9b3c","sha1":"9d631773a5b4011f66b9e5fd568e61712607b308","sha256":"d9eb7914de9899abfb7a33535e716c0fde37e67449d390778c8ddbbc4641b020","sha512":"db9398a7771fbf68e94f48c2868a1a236fe367c553e11ebe05d2552d0d2cfbe2b314d3463d7e314deec6b3fc910660aaad9604a7f9827057298c2c1c0167db9e","ssdeep":"1536:4UcXlryCtX55mQPVpmsuIurLJmvU340MLsUDG3BZN2EaZxVcGR5c7dhP3Whj21ma:3+s","tlshash":"b904d5debba0a2f4f005e7f8d7124468366b39fe6e52ca68c3a91d15e90108cdd59dc3","size":180626,"data":"","first_seen":"2026-04-01T07:30:57.189898Z","last_seen":"2026-04-08T04:44:39.441031Z","times_seen":463,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/30731-b4906d3166248ccd.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a278de30bdaee7c2a859ec4fe00720a5","sha1":"dfee7e7f7f6bb86b057a87c026fe85debcf3ff9e","sha256":"f1b31f7cc90eae6ec6abd1c9b5e2cab892957933851bdc043acaec409ca136d2","sha512":"77f9c98385a0189d3c4ac23bef30048bcab4c2915cda68f96181e386575b3e523fb4d6ad1d1b99f6dcc89b18122b8e0548ee2628d6f8d948571592754b9ff4e9","ssdeep":"3072:92ydhg+1uKewJ0Byiw1QRi8B6a3bmicWAM7c3jiPYFEcFBKKMhEmDhwZ8:92ydhxQRB0Dz7vMKmDmZ8","tlshash":"bd15b4985bb553fcf405f7f48a2ba4b43f6a38f67a42c4b8c3a91c15d4520ad89a5cc3","size":935432,"data":"","first_seen":"2025-11-16T06:53:31.123844Z","last_seen":"2026-04-08T04:44:39.434028Z","times_seen":7083,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/31684-5738d0dfaad74be8.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/31684-5738d0dfaad74be8.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2XFyWAykqYJ1GVikizMkP3qG2L8pIoBH5oc2bFRY7fPtL0nhFgr3Ib7c1A25JoXxROyswCtSBHJrPhuhLnsKZhK02Mnrl9huAcuFEXAb3wJLTKHbeWNC2GtVj%2B%2Bj5A%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec5956bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":176077,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"338198f53e9ab0bb77a7fc2f057a8540","sha1":"78e8deb3e3e2703d617dfbcbfca2e893eb3cee92","sha256":"d3844f2db215d099728ef83a3b5cb3cb82279b669b231f54d2cdbbd958949f1d","sha512":"62ba9ce051e6974c6c74745a4ce6b49badc145041893b048ef42f09f979d0e579928ff78b7aa8abe587c73799a890c26703566918003494a9d1a3062ac019889","ssdeep":"1536:3Hk+1qVc+dJWgclHHlU0ob8OeM8aZLoEAEuRaQ3aTcXH10nZ6XEL4ZXEoFUOnN/e:VqW+dJW9QAMiEuV36XZmUON/e","tlshash":"8b04b8b676d0f89107a780d5843b400af3395c3b146f74a0a3e6cce975645dea1b3faa","first_seen":"2025-12-07T14:40:32.389468Z","last_seen":"2026-04-08T04:44:39.466388Z","times_seen":7007,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/57796.e45f39755a070442.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/57796.e45f39755a070442.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MXi6CVmSmPs%2B06vQxO7mVD24bLfqD2zUDks1DUXIgH6wkkr8rcduK78G2NbUG5TpSYXWQBG7OwcF5pIirDqZa%2F6wMFnoodjK7C8RLHGIOoa%2F3rD%2FVdIVflfPGD4aPA%3D%3D\"}]}\r\ncf-ray: 9e73aa90181f56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":32589,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32519), with no line terminators","md5":"c24306889c066a0c6e45e5a719c217c8","sha1":"fcd9fec48774760225baf46e9b68349387190355","sha256":"54e16bb637371774001af0da9b7ef97c3ea54ed0a6d11d16a0fda0dea88b2cc1","sha512":"9447144ce13d74d63f080b3c10dafc8c0b37511d48498169ee13ab0f8bb21994e2f347f8d4deb66e92f9c409a1adfaec9636ab2a652de003415a7d10651ad7b3","ssdeep":"384:kuqCrrJ7sA6MdMuADbY/7lpbCWU4/RZRY+BJDnYDE0ycob034x3SUQXuzeAL6HxW:7F7sA6WXAInWg5rYMlYzyq4tYdlyBp","tlshash":"a7e2d70f430423b12b9212053f9e18dd772e916573128d5ab9ba916c334e9dab23bbd9","first_seen":"2026-03-07T05:32:19.77685Z","last_seen":"2026-04-08T04:44:39.420596Z","times_seen":673,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/greenColorDSGN/mix/landing/mobile/plinko.jpg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing/mobile/plinko.jpg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T06:38:18.184888Z","times_seen":13493088,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/58172-2e2ad5efca352ade.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/58172-2e2ad5efca352ade.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o2q8pxSZlomqjaKn9QqacQg8KXlGiqZS3rTj2XH5DIAfcefjeAgu3zKUAE2UoKa2A0nbkAOwxOQYEj7K7I3dB5mNDYvvSd96DzvJLN2wmJ355gPx2KEoazpw9mQTqg%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc7c56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15156,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15156), with no line terminators","md5":"a9784916761bd2bbc76012952021d42d","sha1":"253cf85cec6b9a53b449d758e2d542a9a182bc23","sha256":"c0b7563919543117a0168d95e03a8812821df1f79a8bf094dadda24536660d92","sha512":"54d0abe66c6ec80868c406f1838ff8760bcae6758bd406c57e29d3ae842812ffb81cb315706c46e5d6a26e8bb80c7b1fc2787d02e360d635ebf22aad6c3c7431","ssdeep":"384:H74ml/FeOUGcg70p+tlof7VCEv/f2rVdVOmo778U/eWJV+o6:b4mldXUGZ0p+tl8VCEv32rVPOmg8UWWo","tlshash":"cb62a6d12b10495d3583ce7aca363929f2ef69ba393d57401168cb3cfd18ad4e6361e8","first_seen":"2025-09-13T11:18:32.621492Z","last_seen":"2026-04-08T04:44:39.471245Z","times_seen":7564,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/92148-6f19ac7166461fa8.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/92148-6f19ac7166461fa8.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4myJgLkzv7Du44iTtzUHC2VGNdLWYgcc7mC4dI2fvFASdDIGyhQ7YQqnZOtAtnGnN%2Bs6BhVcQZod0GcKuaLB86NBk2rYuQ5hNUZNKST3P2BaD16iwKmlPd12cirP6w%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc8056bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18801,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18801), with no line terminators","md5":"c6501be806cf1fdae07f7147e6e32ed9","sha1":"b46315e1e07d5c32e6f2185e25c453902013fa4c","sha256":"e897f0138e8011ec20fdf4ac0b924c9d3edcae74328a9700f502563b25897bd3","sha512":"9fb4560bfb3491d7afc719f71260e56dc3a2bf71d2c1104251901c02eaf7a2d0a9d249d90b51e3831ce7b66e7ef81603dcee6c97900ffcffc51b8e244493e1d9","ssdeep":"384:DLZQxW+19Vd6J4FU0Zs1Th/ndpRqgG4gjbI3/ovs2GK/sYp3wm7GjUWybgAKJ7r2:JQE+buJZ0y15dpRk4y+gt7/sml7GAFsg","tlshash":"b482d89da3e6a5e8f003e3f8835bd8353aa72df57912cc145beaac21d51109cb4a5cc7","first_seen":"2025-11-16T06:53:31.12293Z","last_seen":"2026-04-08T04:44:39.446778Z","times_seen":7067,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/82849-35d68a185f8daedd.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/82849-35d68a185f8daedd.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Fep9ONzEi5WHL9HRbSXPjTchmlI5kH%2BWyDyNcPp8oJmZrppU1cH8JpRgICk2AE8fYoHaswnQS5C5O6cSh4UyE7TUIEZvPP1Z8g33AqVh6CZQWHvsX6pI4k0gqNsY6A%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc8356bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":180626,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"3d8603d8e0135f562bf9ab67325e9b3c","sha1":"9d631773a5b4011f66b9e5fd568e61712607b308","sha256":"d9eb7914de9899abfb7a33535e716c0fde37e67449d390778c8ddbbc4641b020","sha512":"db9398a7771fbf68e94f48c2868a1a236fe367c553e11ebe05d2552d0d2cfbe2b314d3463d7e314deec6b3fc910660aaad9604a7f9827057298c2c1c0167db9e","ssdeep":"1536:4UcXlryCtX55mQPVpmsuIurLJmvU340MLsUDG3BZN2EaZxVcGR5c7dhP3Whj21ma:3+s","tlshash":"b904d5debba0a2f4f005e7f8d7124468366b39fe6e52ca68c3a91d15e90108cdd59dc3","first_seen":"2026-04-01T07:30:57.189898Z","last_seen":"2026-04-08T04:44:39.441031Z","times_seen":463,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/greenColorDSGN/bg/preloader.svg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /greenColorDSGN/bg/preloader.svg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/_next/static/css/d4dbba7cd4889f6e.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S5Pmv3awYfwac02NqAfSFY7ClBEVH9ln%2Fl%2FBZRMFR83Ap8mtmRK6luQE7Wq3%2F%2FF%2FaPWEjevT3N2Ddtj8KdvnSwy7GlpCl0bm3YJklh%2FRmAWm4Al7%2FFNymPMFFsifaw%3D%3D\"}]}\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\ncf-ray: 9e73aa8e5ed156bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1652,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"d4cf0d8e07d5ff0a22dde176b5e6926c","sha1":"bb3f41bbc80202459f3bd9a27054f855523f8ea7","sha256":"caa934ceb360955e8ef4eae0984d9ee475137fa2eee2b013586e25461bc1703d","sha512":"03fa93b18e1610abefaaeee02782234d164bd6de0d27aff61c5aa02e260d50e0b69233306e46bcabac18c6de2ce085a5859bd4ee71c2480acb0e4a719a3c5123","ssdeep":"","tlshash":"703122c04abc425cf604a6a9cf122875be1a64ce578564baf3ce9d06935805b8e0299b","first_seen":"2025-09-13T11:18:32.012309Z","last_seen":"2026-04-08T04:44:39.451541Z","times_seen":5868,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/trumpColorDSGN/mix/preloader.svg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /trumpColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kpFa%2BZtMgBcq%2Bc2y4HTU4a%2BKKM%2BfyHxZm3s%2FM9qfNjN%2Bz3noraI9qpYsD2jKUQyCb0XOvRH8v8lCN9Ea6ARVa2ahQxLPxxKKQDJ%2FKKGFn48Tw2IfV9jkzexjziqzpQ%3D%3D\"}]}\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\ncf-ray: 9e73aa8bec4856bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119318,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"40fbaa8ff12ac1ebf23154c29e67a191","sha1":"a0a3a6c3b2a35874dca992b65fe8651809da05a6","sha256":"234f1a89ac1c64f2b60e7b7aaf30d3ec2cd97acd3f5fc844f4f55256eccaf843","sha512":"5c97f0bcda3d832001d8b751d6140ba2835b2ad34989ee6c4e9b44211dc8dbcb099eeb28666d6555505235ea97f71d37dc7c1a19e62c3a98a0cbd64e3c698ee8","ssdeep":"1536:objgkWcss2wEHMgG7RPP1VLatHLKazXxzP4D:TCB","tlshash":"edc360fc1af062cd88c0c7d27f69d2b93c17a3b798580805e66c5f5c0b9a96da851bd3","first_seen":"2025-11-16T06:53:31.134866Z","last_seen":"2026-04-08T04:44:39.431532Z","times_seen":7092,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/greenColorDSGN/mix/landing/bg/plinko.jpg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing/bg/plinko.jpg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 98906\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\nage: 0\r\naccept-ranges: bytes\r\nlast-modified: Sat, 04 Apr 2026 22:14:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VFuCDjbaKLcEzyWpxrZfhz7ZbW53fG15dM9G4VSwE2F0wGDHkKz4ERDRd5MAJgVQNqkGmeCF7uFql4SlekvlXebs4QBzH2CIGPAGLWIGWiHN%2BWf%2Btfx4oJei84IetQ%3D%3D\"}]}\r\ncf-ray: 9e73aa91895556bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":98906,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1332x1000, components 3","md5":"6737071f51d05eff365760e2a10bfbbb","sha1":"23bce8c9bb9fa05c7298f94611306b6944d646cd","sha256":"3f0ddf369fb2a062703902a6f4d6813ad54f11e3798247ce22c52fd843b0889e","sha512":"0ea829e93eceeda7b51f6625ff2b0aaad417957b11d99a3e50c9bebeb3fce3dd0bd57867068f95e0dad22bac497aef9a95e4f731a393dd4631f37d0470503c3f","ssdeep":"1536:nrznbK+5Whe9J0aDPLD/JpEnqP55TW3UY2qkUSYrej86rPj86WooDiJa0MMHi:ra+sh8DPnEnk55ZYnkmd6P465oo5C","tlshash":"01a38e539869cb82e46893d4fd030eac1f4a3b6ce9923afb05230ddb79245655dee43c","first_seen":"2026-02-06T17:15:02.54623Z","last_seen":"2026-04-07T11:21:23.381086Z","times_seen":82,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":164,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/main-app-fef4a8898ec7782a.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.494Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/main-app-fef4a8898ec7782a.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qh37hHCU4Ds%2F9p3O53IbIqkdkmDqF%2B60chAHEZn5LNybBwgWS74kiWsmdOnFTUU%2BfsJz0AQ97H2E%2BOE5Yzvb3AdMFsthkGoA1IxUGOgR53tDw%2FZJy4lrF6qQourGEA%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec5c56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":537,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (537), with no line terminators","md5":"c06acc17c28c2888a1a2466b0a0d12d8","sha1":"63d7278ad805cf6b27e6fb76daee100f7cc61afc","sha256":"90a949795e63ad10200d2f57df2706979fd66bd412caea2130a9c707e21c5d5b","sha512":"745f5cba8c1f8c006b2d9a1f8ec15fe3e66d7909766f446755243e1b63aa4d611233d9fa175bc9001bcbce4a4a782e79feb80846ba96f394b38c1ed2b1f3c2bc","ssdeep":"","tlshash":"f5f0fba55f0df42f5d266e74fd97ace2184f4275206b4e647d01dda23c67b6cd260408","first_seen":"2025-09-13T11:18:32.65005Z","last_seen":"2026-04-08T04:44:39.423477Z","times_seen":7606,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/30731-b4906d3166248ccd.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/30731-b4906d3166248ccd.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FCy0qoc8nR0MzFzp9peOpGiIWjSzapaRuoESPaTXzdPoFPK4GbitdweitwT3qNQ5aAnAOUPt19Ino7nQhQvFkn0%2Fv96egWkQHGNPICDwQO8ampqguzkPg6l60hktZQ%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc7456bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":935432,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"a278de30bdaee7c2a859ec4fe00720a5","sha1":"dfee7e7f7f6bb86b057a87c026fe85debcf3ff9e","sha256":"f1b31f7cc90eae6ec6abd1c9b5e2cab892957933851bdc043acaec409ca136d2","sha512":"77f9c98385a0189d3c4ac23bef30048bcab4c2915cda68f96181e386575b3e523fb4d6ad1d1b99f6dcc89b18122b8e0548ee2628d6f8d948571592754b9ff4e9","ssdeep":"3072:92ydhg+1uKewJ0Byiw1QRi8B6a3bmicWAM7c3jiPYFEcFBKKMhEmDhwZ8:92ydhxQRB0Dz7vMKmDmZ8","tlshash":"bd15b4985bb553fcf405f7f48a2ba4b43f6a38f67a42c4b8c3a91c15d4520ad89a5cc3","first_seen":"2025-11-16T06:53:31.123844Z","last_seen":"2026-04-08T04:44:39.434028Z","times_seen":7083,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/58733-c5eff74fea05461f.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/58733-c5eff74fea05461f.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RwEarmg1z8ptnQ%2Brc0R7cEhT1Bt4KAiBn9ylcLHr2gJd29IRPUt4ZBzOBBwmuzCkGy3PyGcWuheoNsJPQdBnUAUtQzC0%2FVUEPmC23LgtMfku3nBEl49gMczg016mww%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc8556bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18872,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18872), with no line terminators","md5":"608213cbae5946f55bcf6e3e236643d8","sha1":"e6181592f15a748e4b0e3a86966dc1cfb5d508e5","sha256":"dbbc5742780c4bcf13e1aa6afe878f0beb77154dda969c40b074b762a7afbbdc","sha512":"22e77044234d9e0b1b4cfa606b0cb04a83d7492edd1392a1880a984adbc4742f98397845f91d4a09f49e0ff4be85d190e7857113b818a5125c39ecd965504cc5","ssdeep":"384:7ry4eoKi6rba2BN4eofEPu2jQi/Q8nTREBJ6F5ACxKv82wfLba2B44eowGJdba22:7DHiG2Bkeu2ZQ8T6BJ6F5ENwDG2BZhJ8","tlshash":"498286e5e3ca73d0e10af7e44116943c3b6b21fe2b36cf584b9badb0a61549c654adc0","first_seen":"2025-12-05T05:01:35.743711Z","last_seen":"2026-04-08T04:44:39.427778Z","times_seen":6980,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/51096.d5d2efd398115952.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/51096.d5d2efd398115952.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gfCPM08MnBYOWvD4jfFYXSR%2FIv63DxFgknMIl08go8qO5n8GmUCDnF6SUzYO2JOVrJRmfurO5uimVeXPJXENX9sAy7FqQ6RwlsqjVMf5f%2FfBru1jbMpPaGGsbXaiaA%3D%3D\"}]}\r\ncf-ray: 9e73aa90081e56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":35333,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (35288), with no line terminators","md5":"e3c132e70a3cf169a2eca9d5a55ebabe","sha1":"b4ca48271ad20555f17c11a3e9b0acd351771222","sha256":"a756eb284f53f6210c994a6890be5af55389875c0baf7789c9bc5e555bb69f5c","sha512":"e24b666010f17d7bb5c49ca0686faf3670ebb34d1139918c87b98e22274e9951a46fc21dfad095ca07f6775ef978e8640f3b16f237dd7aac4f35cec9147476a9","ssdeep":"768:bt7hsk89UGTrNgELQFENRIP4TVNUuXCEth:bt9sk89lTxTQ4IP4JauXph","tlshash":"41f2d80f460c22f13b9711423e9e1add776d65147712c87db9aa816d338c8d9a23bbec","first_seen":"2026-03-07T05:32:19.757389Z","last_seen":"2026-04-08T04:44:39.445819Z","times_seen":673,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/muskColorDSGN/mix/preloader.svg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /muskColorDSGN/mix/preloader.svg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kcjIf%2BAzjx2wG9WlxS84VWAJkSdFa1o%2Ftxb4La5ue3V%2FPiFfz4ZQwbai1umzCLntbBi5wyViU%2FGnrnMSz0PIDF0QIbu6ztGv3sLGXvAZufynSpKSyQXJlF54L%2BMXDw%3D%3D\"}]}\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\ncf-ray: 9e73aa8bec4a56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72100,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"850e1745f4385099a3518d32d9145e74","sha1":"69969125e203608b7462ed6f8eaaa2917d48ab0f","sha256":"31ccdbf4baef0e8d2e5ef2d71b200f1b8288afa891e6ea50729feecd86dcb895","sha512":"617fd124ef9ca7077d4215668197b1bd456b3f6dd2063130545d4040c4ae11c1d37a569ad757ff74ee26ccedb5db2f150439c8c515bceef6c0434c81ae46edee","ssdeep":"768:YDpuRdZRXU55SUH2v9rirdHR96Hi3WdoanhrqCLUEBHp5ZuQ+Ip1xLtaD3LxUynT:Qk9eui+hrhUEBn8WXED3Lx/T8QdxGwlH","tlshash":"a06395ed2bf018c949c8c3d7ff5944a92d2a91fba5484908f65c4fac1b85c5eec47ac2","first_seen":"2025-11-16T06:53:31.140817Z","last_seen":"2026-04-08T04:44:39.46177Z","times_seen":7093,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/css/2f5e6141245a9f80.css","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/css/2f5e6141245a9f80.css HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x8cAJ7AKBx27iZL6F7Hz8ZBTLCCO3DL7II1DLNwngKFUs3cVaKEw89FFusoYga8%2BXGm8GWmcBuW9VA%2FLfIjgEaEc6Si3JKEMxd8oMQPuDA%2BsogK%2BqjgSv%2BkrSf2PGA%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec5356bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28415,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (28415), with no line terminators","md5":"2f15ef9c3fa495f53800058b7cd4e26e","sha1":"4c2c5e3d75c860793b7ffb3ad34424c7fc83220a","sha256":"0b81fa64de0938d997f8c0a7793ec847fc03f066dd66fab9972958b953080930","sha512":"b2dd2678ac11c05161c8a6febe313f3ba861cece5f117efa22567108b72184cf68fe54693391d0be510951eb298ad7df861542dd1460a02cb648e0ab1a372a19","ssdeep":"384:+zRbFjczMTjzhCHIcJX9+zI6R/A6VijnR:+zRpjcgLQocxA9R/A6Vw","tlshash":"ffd28532a124e53cf4b7886279a5a7de3058c103da3756fafa41e52dc4df5b32b62348","first_seen":"2025-12-06T23:52:39.139623Z","last_seen":"2026-04-08T04:44:39.4553Z","times_seen":2290,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/(auth)/layout-2f72bfb00bd0ee9b.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/app/(auth)/layout-2f72bfb00bd0ee9b.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zisi8RaCm%2F5XbromtF9g%2FuyABkpDd9Ydgd2Wov7nMtzeYskEiGLIZbW3Kw1XOMZbW%2BSywRgfp8M5gjhMwlRjvguNF05yIwFhRSuz74%2BhKTqffOa8TGTbg04g%2Bde3gw%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc7656bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5634,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5634), with no line terminators","md5":"eeb148fc570d2378a9f4fb4cef9277e8","sha1":"f15bcc479e6192f1c27e2c50e9957c34d69e1dc6","sha256":"28e0352c26286fc5b9430539a76f6e36d0f8ade3679fef2b830ed3805fb8b690","sha512":"0d5e4e9dc24973836af109e4586ee36dfa759ed54863e94049c0c21323043a57cc61354a7d5016b098e269eaabf1fe4be8e76ac9b487c6fe54177f0e396d92c5","ssdeep":"96:XZ8Q2TeV9GCuyzz3qZqCLXx29Hn5G9UV3aQ+7XCrUBTCUBTVy19GCOsY89GC4b6:p8Q2TeCtiz3Xqx29o92d+7XCrUIUvV3g","tlshash":"70c1a5b7b6c5fdb2565688d088378207ba503d37205fb480a7facce53169dca44d1f8a","first_seen":"2025-09-26T22:32:24.049018Z","last_seen":"2026-04-08T04:44:39.435129Z","times_seen":7569,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/global/fonts/proxima_nova/stylesheet.css","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /global/fonts/proxima_nova/stylesheet.css HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/_next/static/css/d4dbba7cd4889f6e.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZeloT6FkLYU3xJIx78Z7Nolz1pTmmVuS5n5div%2B6N06oReLzu3dyCe3HcCc%2FFQD5lQxi83z5pTmBSU1EQdCwt4nwN%2FYcrFsOwZQub60d7VqUBaRI%2FP5aWdHNzp%2BPQw%3D%3D\"}]}\r\ncf-ray: 9e73aa8d6df356bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16511,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"d8931974e63a4dc65335827a00484a23","sha1":"3295703d542b291d258e703d3fb273aa4e71472c","sha256":"5748d69fa891b81b4890fc30b6c589852acd016cc7f8726e4ef93a497f0ee30c","sha512":"a5a858b0359a3571aa1337351eebcbed993af02fc1e9f54d7d87ce39e675d455c46fe9ef7291fbbb80d29d79dc71bf2404e40a902f5ee26fc0187e92b6625cbe","ssdeep":"192:xz6b6dlmqgqYGVNCGAcCh2H5vwCGmhRgSem0pBjqkCY9WTpnOPx/OSW9r0tZxjyL:paG7KUC4ZYCrz2muZHCfWctAH/uNB22","tlshash":"36723942cccdbc624aa6148077fe6ff60b4e28559079ad57ff3c38389d115adc68472a","first_seen":"2026-03-07T05:32:19.76436Z","last_seen":"2026-04-08T04:44:39.415918Z","times_seen":676,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/greenColorDSGN/mix/landing/logo/plinko.svg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.366Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing/logo/plinko.svg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\nage: 0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=91yFI2J0klJwGwD4eamnlnF%2BcNcWXrp%2F1N09fMdHng871c9H1jjbwzTD6Dd761y99O2aKZPEvafWl8jnQLk8F6XFYBPRDqT4RXJGyHPrXoKs52xkunFdP7%2FMVrH6DA%3D%3D\"}]}\r\nlast-modified: Sat, 04 Apr 2026 22:14:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 9e73aa91895f56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1464,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"47d51a95523b19d73712354cf9df4f58","sha1":"51c75b61c3d7151836047d79444a11a25c807f32","sha256":"9357b08ec42493561d0aecf0ce8f9eb04b7170405e58f1f61d04994c1cadad98","sha512":"89103c7e2953b4c88d459db30c1dfbbdd24cefd828199760ff4272c45bfaf83b0817dd3892b0c3d0217eefafd200a2946a86e6f3ade6f1383f66756a9d4d5a98","ssdeep":"","tlshash":"3c31b99533e9821cf40074fc032af8b56dd61cca8aa2d0bce3721e06f29049e0d94dc7","first_seen":"2025-09-30T01:06:36.0012Z","last_seen":"2026-04-07T11:21:23.368234Z","times_seen":177,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/greenColorDSGN/mix/landing/logo/plinko.svg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing/logo/plinko.svg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\nage: 0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ri%2FAMJjBpkPaUJ279e1VhjmJizI98sdlvgsED%2FYVLWs4MPZe9l%2B5baS3G%2BchFC3IDSiUqLdrVgkZnu%2F0j93ahCLtKppkPKeuTJcEH3iAraW4QVaaAGmqKWms5Tg6hA%3D%3D\"}]}\r\nlast-modified: Sat, 04 Apr 2026 22:14:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 9e73aa930ac356bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1464,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"47d51a95523b19d73712354cf9df4f58","sha1":"51c75b61c3d7151836047d79444a11a25c807f32","sha256":"9357b08ec42493561d0aecf0ce8f9eb04b7170405e58f1f61d04994c1cadad98","sha512":"89103c7e2953b4c88d459db30c1dfbbdd24cefd828199760ff4272c45bfaf83b0817dd3892b0c3d0217eefafd200a2946a86e6f3ade6f1383f66756a9d4d5a98","ssdeep":"","tlshash":"3c31b99533e9821cf40074fc032af8b56dd61cca8aa2d0bce3721e06f29049e0d94dc7","first_seen":"2025-09-30T01:06:36.0012Z","last_seen":"2026-04-07T11:21:23.368234Z","times_seen":177,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/53069-bc2f18ad589424b8.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/53069-bc2f18ad589424b8.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fiLU2Lor133YXyOL34PO0U11pO8bMwMKWo34gD%2FUzSauLz9ahLkfCpJj%2FM96Aj1XsMZCeaaaYgPTajj3dRw%2FVILqQizkXVTIzRp5NYLyqAuXT5GPMikHyRf1mgs8Rw%3D%3D\"}]}\r\ncf-ray: 9e73aa8c0c8b56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44316,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (44316), with no line terminators","md5":"7ac63d555d472d97361e7af9bddf4756","sha1":"108e0e7b0303859d0d98f7d0a1651850d0c22b4f","sha256":"d5eb992a55bad29d07e2a4bf1ff73acb9d0b7e8b7ce0c8c709a58dd0f382758a","sha512":"43792b7bc72c98045ab4a64b38a76dd0a274f084a0e35bc7d9e82ccb4618d253de588106e8ff0a43dec60c95572e51626c8eec123901d02ed3f7202443fc847a","ssdeep":"768:9VFYbM3fiNkuGxL2umLBbPEOSQ7Lhkd+0xiFxVuxMgCIw/A33SUYq31kBVVLLEhx:TniNkDe52eh/oVkZL9DxFW0MSdUTB","tlshash":"48131a88533593e8f1c0a5f8d217649cfeae6aa4e741c470d3b16e11a0c78dc7a66ec7","first_seen":"2026-02-18T15:06:32.952144Z","last_seen":"2026-04-07T11:21:23.375956Z","times_seen":49,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/53331-cafd9ec77f422f5b.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/53331-cafd9ec77f422f5b.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mq58l5CroGHtV0GhNf%2BpnSW1YR6Gam3XWY6TuPxKzCEosYatVnVKzCmBUBRBHtlvdgW0jkxd7Jkoim14M7%2FD%2B5EyFi4AQL2P7FCjpxGiKYXNqXmR0pc5qOjrsu7btQ%3D%3D\"}]}\r\ncf-ray: 9e73aa8c0c8d56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23606,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (23606), with no line terminators","md5":"ffc2a9646f640ee24bec96371d8896d5","sha1":"43fb84011d63dd3ee53c4c5a6ed7bee651bc780b","sha256":"ee75b3f83f6bb1fe59b15f18a040463973036c403110a597b3e77b659b240fc9","sha512":"19765f02ce6babd708e5a582fce2a697188168486b56c78f66d75c7ad4d29e02371f839d2b967fa8094e949f2fa6de2e478d24e24b3150f0eb404dcef6fe63f6","ssdeep":"384:/bEM6MGSQhbWOoOSQ6b82p7X4WsIBcf9CkSfA9CM3ORBq5T25iaTuJ8jFNDtv/LO:/L67hSOoe6h7X4WsIBu9CkoA9CM3OTq1","tlshash":"63b2d7e993f4b6e0a006e3f8d607a8793a6e19fd7b32c95893d95c20c5910dc266ddc3","first_seen":"2025-09-13T11:18:32.113392Z","last_seen":"2026-04-08T04:44:39.425213Z","times_seen":7556,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-04T22:14:28.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c%2BkNlx%2BjXHkBLkpBemJ3mPeoJd%2FaQP6osMGi3IHjVIgb1R6wdGSgB8%2Fu000Z1KfaghTZOr0JrGhWJF3nh2aLYzrA%2BNgh51JMavDT4FMXrHtvcMD5P5KNvtPFibqcFA%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9e73aa8a2aa656bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14315,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (14315), with no line terminators","md5":"f1e9810d2989a80a1af9a3a9c1eb6277","sha1":"e27e2d2b79d89451352f0fc83bdcc91abfd11ed9","sha256":"4a8e6017c4e6c5caa87471c42320ff57efb74895789be662b8e11409fd4a6c79","sha512":"3fa0388e541032049f3f6987021c736161c9368bdea7ffedbf48df27426602aca17bd8fbf78dedbbd1ad836f647afc82ea92941f929803ed54ed3cb58fe04f87","ssdeep":"384:osgOhO6RwQNvcRb7b0rCbP85b7sbOfL+K6Mb:osgOhO69NUp0rCQiOf6pMb","tlshash":"4752211bbc05cd069c76ad5d013e9e3a94cdcd7b8a34c9b8a28cce5d0651aba1bd9c81","first_seen":"2026-04-04T22:14:59.4613Z","last_seen":"2026-04-04T22:14:59.4613Z","times_seen":1,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":77,"dns":65,"connect":1,"send":0,"wait":111,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/css/d4dbba7cd4889f6e.css","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/css/d4dbba7cd4889f6e.css HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LXagmuX8z8upC4%2FkgRpDEewo4a0n8I%2BbWArH6FoQZdrpBp0UPOdVQrUh6nyFjWpZLExmKUyvQPCYUMnw1C9H7vW0lNDeahpblSeqowkGhoLn29DYW7Uy4BNlag7Lhg%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec4c56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8912,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (8912), with no line terminators","md5":"14fa61a011b8e8cf726630cf0206fc19","sha1":"6de38f0fd7d521847061706234892f4731ef9aeb","sha256":"3d0b8817a44a043ae48fc8ad7c8ecc03ad846be0e6628db6eb09f54740df9be9","sha512":"5dfa4d762937c8bfef6d04725dd4067f9259749ac738b0844f82d8b81a2e3ba847988785a6559b5fd2671ff4fc1f9f677e69d5a5c255f047fa4c2a4016531491","ssdeep":"192:SWJhP3QmRtK1Sr1MmGs4ir/MmGhxorc6UAPHjvhGTR9:ScQmzK1Hmz4fmfe","tlshash":"e902c93fb311a072414b4f4d8993af7a996ee186d7136a6ba0d4080cf3ce5d114e5edb","first_seen":"2026-03-16T20:04:49.237974Z","last_seen":"2026-04-08T04:44:39.462588Z","times_seen":473,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/73345-c6c417d67f761339.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.499Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/73345-c6c417d67f761339.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BD2Lhb0B3XX74jhIpbBkPeUJuGTjL3nroynEmFnESCBbA70R71pqfVIR3JVtApr5AlAyXAiBrFIcRXdmh3fEWyWOfcIcryhdWSd7u%2FFEr3bOxpF%2F8JBRUjOpQSLWkQ%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc6b56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":325834,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"eb597de485c3029dc93b6f3225acc0d7","sha1":"d3a6bc9d6749ea9f0ddd1b1862c90303f3ec3254","sha256":"3513d69dd757c29044eb92ab6a908ba6755e0845c38105ab2e196b0c75b96583","sha512":"1420716788ac11ed76547147942bdf2329c1bcfe8770745c3bbce32f99ca5c5866e20253ced9e0ebc4597003f7404825de2b601f8d24b5c2fce1125eadf0ad63","ssdeep":"6144:bV5sFqdfuGDdF0pL8sS65eILs3QKQmiOB0lDz:bispi9mVB0lP","tlshash":"ef644a9c7682b474939b016a807f0107f37e2d57240e4824f270d9ee7975e99a2b7fb8","first_seen":"2025-10-16T04:05:32.880573Z","last_seen":"2026-04-08T04:44:39.467135Z","times_seen":7524,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/56060-72611dc1ca384f99.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/56060-72611dc1ca384f99.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BsCT9zT%2FGZIOTWsXLQqOnlBKrq2c9JILy8fVOWhTU2hMmX6nJ3Nhp93e%2BQgEkMTd6EeBO%2BNkLfdH42tQ0F1H9AdIJCgE6G%2FOY%2BjBDav90gB16%2FdYeDWvnPJ%2B3SeDag%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc6e56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10031,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10031), with no line terminators","md5":"6685f1c3cdf6f0d1227ab2b5af23a056","sha1":"491d91380ba5da6dcd5027bd954e6fe11103b18b","sha256":"237ff25124f0ca73e06c9e1d59caadd016273fa9b5b6bf211c991cc8d34d1b92","sha512":"6667f2ba323afce441aa6e23fdcb8504dfeda05286da37d594827c605042ba88ddd7bc5c6ec9565109d4a0ad4ddc9f8cdde4ca22cbb9eb8122b85ba04bf1d0b2","ssdeep":"192:/ztywjuim2pZQizyySL4tLg6SpiQhQ+YmzSRAz21OfsuAAuaSXCfb+e:/z9juim2xWySL4W6STYmzSRA61gEC5","tlshash":"4622ea847260793e1547866fd1be5516f27a292e382ed25433b9c83cfd21ac85336bec","first_seen":"2025-10-16T04:05:32.850927Z","last_seen":"2026-04-08T04:44:39.469556Z","times_seen":7527,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/58211-d9d578b8de9e3293.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/58211-d9d578b8de9e3293.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=z1l8cLHysVs8fOrPdd6c9kQxjzK1hS0uX%2Bm57CxCzG5hWyiauT803J%2FHw4JpBy4smtpP6uKc93rs2VIqCxtXz9tXcQ%2BlzUT%2Fsm%2BKK6tzKAyTAKZkPGL0NgFVLLZRcA%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc7956bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39725,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (39725), with no line terminators","md5":"f7d84948f8ca0ff495e7533d0969b670","sha1":"3330c776cfbb7ea04d30b89a9686eaea35f24747","sha256":"2180eecb87df810a0f91771ce87e9c4f6e185e9011d00147eef0ca9c7ed750c1","sha512":"04a5f0711a52dd8bcfe0ea6d66662ed5e0a8610c8caffe461a8c8178f8f40e55b4c40c7ea11716a7dce1631534f5e22f9c5d86393e31835bcc686e4aa6254c85","ssdeep":"768:01KE8vZ7HInPlFvvb5AvexGRrxVP1fr4UK1fWbqYsCL1fZnK+jBV9YCO:0voWV","tlshash":"f20399866740a83d2587c16fd63a6415f3bf14ebb92f9390219aca3cf506dc0f5365e8","first_seen":"2025-10-16T04:05:32.927959Z","last_seen":"2026-04-08T04:44:39.470354Z","times_seen":7492,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/global/fonts/proxima_nova/ProximaNova-Bold.woff","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /global/fonts/proxima_nova/ProximaNova-Bold.woff HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/global/fonts/proxima_nova/stylesheet.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: font/woff\r\ncontent-length: 52068\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SxZhxZEbkUe82lzK3ra2g1kW10q%2FsoHxGx%2BiIKAr%2FJkGF%2FH5UDe%2BvkXq8b%2Fje732FH39mRLaidnrv20kkdSymCsAVCMbgu4OmMbtawyB7znR%2FwqsR1or9SE9KxiUbw%3D%3D\"}]}\r\ncf-ray: 9e73aa8e6ed556bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52068,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 52068, version 2.3","md5":"e2cf3dc2f079bf3d5185a02552f153c4","sha1":"9e900ba7e0890a12a5697fc7ce86c058b145d215","sha256":"99a24fdd4e16d8dd4fdd79a5dd2dd7b71c2c68473fd6b3cb4eca4fa3f33d9ac1","sha512":"1043f0d116fcda17bd933ff2594b7c79a1fd41259f28aa8283d90e1a56eb6b8830861f109f9eeb3b81d79408e8a6a3648d973ee8a42fb5c096b0f84138392935","ssdeep":"768:gUZ1BWLCju+iIoHoWcknJh+7x77rai9YTRPxnE6eWPeLJWPznTdpjXeE8vFmdn:fX6Cjuct8QxDai9YLE6eWGYfbX98vMd","tlshash":"2433f1a524350e2797b7f4fa349d0665cfc6024db42b55faa4cbca019a5bff8b530823","first_seen":"2023-04-07T12:58:50Z","last_seen":"2026-04-08T04:44:39.454425Z","times_seen":8460,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":103,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/global/audio/message.mp3","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.942Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /global/audio/message.mp3 HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 29091\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nlast-modified: Sat, 04 Apr 2026 22:14:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gmED9f6PeFFh662LR49B%2Bc9oTdYu3AD1XsUYYthGVz%2Fr1I2mhxPG5NYgTAxPI8jIDs%2B4jA81cdkgSeXHmu37iuf12LiKXIMcNWLIaeIeqrz7tQfALMNIWGxOQDlVbQ%3D%3D\"}]}\r\ncf-ray: 9e73aa8edf2b56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29091,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo","md5":"a74d3b2a2dee5892841f7e37ae8343a9","sha1":"90b69421807b860b265c34a5e2f249e3fdf05ae8","sha256":"7bc02c22f6a0a75446187dbe0547a7eca86c05e3d3d369e0831dc084bb974ea3","sha512":"7186807bb91804317231d48b985557d4259820c45cc6ef48fae69cc7f50b7195b1fa9c271aac9c2104b7cd0a48a772a9223db8f0e4f53cb2302bc401246c0f9f","ssdeep":"768:OBdZJRccW5UzJDDNx5kbu61m29Ij3Va3ZH0jycOFFLQU:0JRJW8DDNOu/j3VaJwyXv","tlshash":"92d2e13b2d840d8cf1868574226fd588e0b97c9a129e5f52ed9feb494637031bb08fd6","first_seen":"2025-10-06T22:40:31.572152Z","last_seen":"2026-04-08T04:44:39.436665Z","times_seen":7462,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/dc112a36-4dd9553e3950a789.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/dc112a36-4dd9553e3950a789.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i3Xgjyp%2BqD3kX%2FuoueuTrFFxPBSh0kl8qByrIjAE7skuOYVu0qw%2FarTTWtpv%2BuhgidgjVL6a3i8IjLZfCbT7UqwFtNsHxso9Uc5LmF16rk8pZib4dErl7%2B9hsAW1Hg%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec5e56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":305838,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8b0312e3e2ff7226227ee081f6693db1","sha1":"823c7003795d9623f8992900a6f337f599bb7eda","sha256":"dccd0125f7ca7c6c5f3f8ae7d813743257cb55899fcab2d63b70fdf06b2a05e2","sha512":"612eb966b9409ee719588a9f82170d4d6c9b5c075b85981a1ac0dc0fb8119997de7f6a139ba2908d7ccfe0ab342f452e39ca15ec3d9fafdc1c2a7d36cda06d87","ssdeep":"3072:Hbyz4KjrqQmINGbpJGDc0Lf1c/X6Rpbdt0myoQj7sOU1IMi9wD5yojt:HijOQmINGbpJGDc0Lf1c/qD0erI5BEt","tlshash":"295419597254343805c540a9906f094bf736292e246ac49cb36cf4efa8bdecd31beb79","first_seen":"2025-07-19T01:07:13.417114Z","last_seen":"2026-04-08T04:44:39.432394Z","times_seen":7614,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/44638-22642ed4434648b0.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/44638-22642ed4434648b0.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x%2F%2BdOWy%2FtK2mpULv1QGPgln7MhfzfcOOXK9RHYsiSdg%2B8HI2Za80R0gRuP%2BlEkVUBgKZ58bGG%2F2ZlnhYGIZYqNfakshnCGGnfRrXNe9U7%2FCmieuPXyoCOEkT2smK4w%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc6456bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9855,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9855), with no line terminators","md5":"3d0cfae03cd8f321178546f3d44bdf0b","sha1":"d952755162717e7ffadd30a573f4691a19b643c4","sha256":"a80e2f887fe98f5dd1f607d951147f5de620031519c6419ed1fb86e7b6621686","sha512":"56bf305f3b03e0fe79351d4cbfe166bc57557cdd91f72f22b3e967109e1a6f898528a59e5277c857fb69b465ddefaad1e500469821adc64dd225d1ada5986532","ssdeep":"192:e2weKRHbhH/3MO/Y0HURLDJYvYgcn/rNfI21OYR5ZAGPnSwpgy4jdzhJvkC05:/wd/MRLDJGAnjNfF1NVSJZ9y","tlshash":"00123c90b150797613678a62e1ff0706b33b845a5c1f84acb5b488456771e8e01fff9e","first_seen":"2026-03-07T05:32:19.773264Z","last_seen":"2026-04-08T04:44:39.433189Z","times_seen":676,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/api/extra/promoIp","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /api/extra/promoIp HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://herotox.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: application/json\r\ncontent-length: 16\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TlVS9%2Bd322TB8p%2BzFyPc%2Fz%2B8%2B9Kqar1imyxuB1idAaEwO1piWKUcE5Pg8IOBa%2FAReD6PRa5nD7AaegdEQEHH3Xh%2BdJ01YAHZM8YGQDsh7IuflExqabqTNbRk01twXw%3D%3D\"}]}\r\ncf-ray: 9e73aa90182856bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-08T06:40:11.03108Z","times_seen":117004,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/greenColorDSGN/mix/landing/mobile/plinko.jpg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing/mobile/plinko.jpg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 59351\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\nage: 0\r\naccept-ranges: bytes\r\nlast-modified: Sat, 04 Apr 2026 22:14:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hV3loXz4Tq1AiKdKh0WtGboNCG7yrTS%2F%2FuOjW3vV%2Fu609xtp7DyzcrIPAuAlgt8%2BT%2Bu3c93BlSw8YCJMKrmYQRUjvEfRMKp9v5CvwTyKuZXXKB1ULgS5qO3HBokWXg%3D%3D\"}]}\r\ncf-ray: 9e73aa91895b56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59351,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1346x558, components 3","md5":"eb9323c74c1b30c6f4b7e67a6cfeee8a","sha1":"9ef2fbb0c0c16f7cbdddae565bd523f404201a54","sha256":"2d668b0b9eae1cfd3e77f67342e0921da72aa11e9e59fa887bee8bf01d9c7692","sha512":"7441c93860e86a755745fabf190234035220b9a6ca91f6e1bde05265a57e9f0d87eab6afcdf5c70efd247f8b1eb20eae736600337b592d013049a64483e4957e","ssdeep":"768:YDL+iBdC3xY7o6vpxUn2FqqFx+LC7dhzGcALgfUjzFmZJ/HNK4gnkTylHrzTSIWh:YDdoCdxUyrIC7dgVzF0JFwkTylL1T+","tlshash":"3d43af07984dcb8bd86a07d47d031e7c1f2a6facda8266ff12231d897c600562dfe959","first_seen":"2026-02-06T17:15:02.563223Z","last_seen":"2026-04-07T11:21:23.384928Z","times_seen":83,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":79,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/not-found-fc9e14ca8a12ea1e.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/app/not-found-fc9e14ca8a12ea1e.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BDDxkM%2FdhmbB%2BPRxYi6G9DVJTIXrs4IFDehwYe965HZ6475q9SJPawCVqrr%2F61%2BVco%2FYrogmt1%2B2yK8Tf7RSi530l0SpfviOQ%2FzJU85NEWOm3rHCawy0kO9qgmfuBw%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc7556bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":57585,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (57585), with no line terminators","md5":"513754cfa2d91f1f4ec59f666e8e64f1","sha1":"e7c65abc2aba2a3b2a34ca6c818188dd6dee9d16","sha256":"caeb37f0127a0aa35cb44554fe861ad9f79f13b433a04e4ea1836634df96d2a4","sha512":"37d0d55820bad028c997def5d851dfb42121d285462bc8952db7b1182ea060a0a0f4ea6a3fe546a78d8f2ea423f307b305ec0c69ceea3cf14e801159bd669e75","ssdeep":"1536:k8cwg5kif2aMaiR6HKf0x0XEdw/BvD7/a9yOAS:mdw/0","tlshash":"3c4374ed5bb009cda88896ea7f0610bc373e41bab46d8928ed0d5d38a0418d5fe17fd5","first_seen":"2026-03-07T05:32:19.76343Z","last_seen":"2026-04-08T04:44:39.439776Z","times_seen":676,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/36860-0a9464d566324679.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/36860-0a9464d566324679.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uFL7%2Bu3iJYyz%2BRm7mvvKPeINHMWxg6E7eiaVG0Z0d06nuw%2B%2FFwhrnAUzQXfqa43aUKUngAbJ3DgwHF8aj6eFI2ba2AmU4cCHOHY0CyUaZJtZykIJlPV%2BqRNchp8Ecw%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc8656bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19669,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19669), with no line terminators","md5":"ebed528d50f9e0657df76bf19dbe2ebf","sha1":"a745c8cac0f897a2e288bc643ba629bb89df2609","sha256":"f4ff2580f3ef611ca05990dcb937f89c700e24833b675e4039f569f79cc4da76","sha512":"8d0b8b70fcb7c71739ed7ed80ac98ec09aeaa478324288358e4c3f9622198dff8ed0d43a17e35e02c00537fe4d11c8d68a1fc9a60548aece0b1489ef3d3da6fd","ssdeep":"384:5mkM82Xy7PBRB7/z06STNN8txdOTTpPNUp0icpUAHEvDBUgf99Kxe2/KtyTnVfdA:UkU2fzuT778bwq5mL7TY","tlshash":"8092492b68365877a6d7bc748cae504c596fd24ba329089e773cef7404871ac394b3c9","first_seen":"2026-02-06T03:10:14.100987Z","last_seen":"2026-04-08T04:44:39.450171Z","times_seen":4090,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/67369-222f9a02bd61134d.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/67369-222f9a02bd61134d.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cccQH90Z6o0kHnmGReAWLvFuXKHpdARtWaSDy0tBoyZtQsjKGsg4b%2B5FBLlLG73kNnamXqM0%2F%2Bpv%2F695Lk5gCF6av%2B0vi6uGAFnxj16PsbefQS0g6xesm1orVB2ZkQ%3D%3D\"}]}\r\ncf-ray: 9e73aa8c0c8956bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4883419,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators","md5":"c5ee70ca6b0f10be9205923be6019f4d","sha1":"8970f24fdc7a50c908abdf7fd011fe84ab06cf14","sha256":"54353302f4543dabf5579fe09b7789fd62384f6046fa2f39ee36ea54834c3fe8","sha512":"a46dbf384ba5ddd94c97b78e4e38d5c4a84e1444f7c19563e019ceb26ec121ac60d5d5019ae772e37483461f955e7952ddd84d1951c94882156a08c13615e0e6","ssdeep":"12288:z3PyxSJSN87vIomx0wgH+vVUqmAStvp1H/llr9dhLR5EdNbE3aYAILQDEmAx//pY:sNgvIh/V4y","tlshash":"c8250f5ccb9201bdae58adc1ca4770254fe282531fd789ed96bb7e214bb0adf4301e61","first_seen":"2025-12-13T06:46:52.564072Z","last_seen":"2026-04-08T04:44:39.435946Z","times_seen":6899,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/73943-1d520689248da833.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/73943-1d520689248da833.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=skeP4SPG6rN7JomrS7nxCKkU2G6hOxQgg8U%2BIYPJpQtNJsocGz6v%2FOKdnnMGeLTTJpRCRBl9RRDmJ3TIZaS%2F%2B2cyrkK0ktcV7UVWBv7qkAJCBcN%2FjxybOjMDtLxfYQ%3D%3D\"}]}\r\ncf-ray: 9e73aa8c0c9356bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":55294,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (55294), with no line terminators","md5":"64fdc139b6af1827fd601b07f4d24c93","sha1":"f5334e0e066e0af0988c94df23bf183f2778065e","sha256":"b361383c57269bca223d9ea22ec134e581daeac429aafdc1f552ca59ee874427","sha512":"0837b4c6708be4cb7ebc64fc988ead1ca13ab4eab7236451be56a9fb14b1de983d427230ec1a4e3bab1d95229b6ebfaf2f31ac9893d1a5553802d6e3d35741b3","ssdeep":"768:T5poCFrHcJfP4gFxZePqxkKZoesmsb4xvH+k+BtJ+cIDGQwJ9IEH6HxHRzZASR/0:TALhZLD+tPIRA","tlshash":"a34383dd4bb019cd6dc49ae9bf0600bc363e92bab069882ced4d4d3850458d9fe1bbd5","first_seen":"2026-03-28T13:42:32.426354Z","last_seen":"2026-04-08T04:44:39.453294Z","times_seen":362,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/api/extra/pixel","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /api/extra/pixel HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://herotox.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AitEtHZPo7SnQ0aGkrWSUwalWmRxbHJr0uIbVGfRGLe0%2FVGhPpZFb%2BkqasvuXABpwrupHDU0GBmIGBavnVaIOzs2SXom%2FP%2FyK4360sBuuZnYV6RT%2BI3wY8CDDUppeg%3D%3D\"}]}\r\ncf-ray: 9e73aa90182256bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":71,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"428647be4acae0d85bd0799a59237001","sha1":"25b1dbe5aaaf5fe53a11fdb05fd14bcad3e92ebb","sha256":"edad519cb99926a099d84224b6b7427bbfbaa60c6ecc1673c039a0723be93006","sha512":"8ed0b8ab8b00e7883301e4dc47e6ae3c38abe1686e6de48d43983fa8105203f86c36b86cff1a09c9bdf9406ac7c4ac2f8b6a8654a42e1b5d03d843b5085428dc","ssdeep":"","tlshash":"f4a022c30a200bc2cc00000008203b22eec823238300022bc00c0200caae0fc30c333e","first_seen":"2025-06-04T11:30:16.150294Z","last_seen":"2026-04-08T04:44:39.437513Z","times_seen":6727,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/4bd1b696-ad7506e6ce5b48e8.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/4bd1b696-ad7506e6ce5b48e8.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OIUXxrx%2FJmYR0CIMos8AJGMLVVZmp27XvEF8unL440gnNifl9d8%2B7KoL6X7Ydb6vNvcGF5iS1hyy3hN8h2to7O7MjTZbfYAskwgMwvN7PZv8RapW3rAG4lM2WcSRqA%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec5856bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":168420,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"15510eac41ab1d5ef4d07adf66470336","sha1":"af7eb0a2168918b5999e83b71a10ba52809f38df","sha256":"e5b9e2570593ab1e59ae6a397baec8491e4c3d5e4628aa1439940ac0e2aee2fe","sha512":"116e3ef82cb1608f729f9731bf3ba61a1a75624fec0adf57d0536e5f7e1abae6c939e93af5bbde399079cc1634b5ffda250a76f08571d2e30c88eceecd05b22a","ssdeep":"3072:btfjLiM+NFCC4YQbCCAaI/02UHCgwLRE4:btfj2ld4Y40fUHQRE4","tlshash":"0df3f7e83d99e2116eb342a7109f2803737c262b240d4c60a615fd9db5b845bb17bfde","first_seen":"2025-06-09T17:09:55.347659Z","last_seen":"2026-04-08T04:44:39.464442Z","times_seen":7625,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/layout-414e3e65ac0c109b.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/app/layout-414e3e65ac0c109b.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6JQmHU3iJ%2FZW%2BhxsDXYzk8tK950Ox81Qlsc96FsNXh68gz%2FGvg73XUX80WTAEpxPqN99uJFSja391PcocNSZoe9%2Bcnrb18cenESrMazC1WfqO1VTeas3Sc8aaOzqMg%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc6856bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10497,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (10497), with no line terminators","md5":"31bf7da340caaab71de15d64a27ec6db","sha1":"479c846f55add344f763d3adfefb59d61bb51d6a","sha256":"d49c9da60d9168713bc121bc70e422cf98db8b906e3a043578acdb3fa73c80c2","sha512":"42fb8511d17ae056c5d5396127833884a246b7cbf28a62ba03ceec38ddde6940ee8d310405c0047ced20b7c383f183c8dd1757670d06e82f28f16689bfc588a5","ssdeep":"192:lTUQUBoSCqdxpNRDvf31/wZbMdyeTJzTF5zb6:lTXUyclNloDeTJzTTm","tlshash":"4f22c711b484fc6d0be3c89c9cafca08d16e1b16d8a8847f9f1dd62910b295df175b17","first_seen":"2026-04-04T22:14:59.471226Z","last_seen":"2026-04-04T22:14:59.471226Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/84382-2482953330b0a166.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/84382-2482953330b0a166.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rwyw3X38hhS0sOTqU%2FJm31DbhEGfFVsFOTiQNZ0igi887hYsGBP50dm9%2BXEpaKVe9haXP%2BjY3KBCyOAPKE3NkRFChB9UhPrXV%2FTZ8Qh4eAeh14i%2F%2FzEW%2BecK8%2BQgwg%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc7056bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":58996,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (58996), with no line terminators","md5":"cf0370158146d04d6a4bb30991fd0a84","sha1":"aaffd0132b3b381a850a2577f1f1a2a913b54738","sha256":"4eaf627ccf85a218c108a0372cc8bbf12e564560bfe3aa4c6fa8724bd89c4e49","sha512":"f40f16781a65f08638674afd1f5ef2c099fafb448e34371ac425592711c616125517b599c50fe2c873a5cc2e20398b62b1f25f481efec5b3ef560093fb2f8330","ssdeep":"1536:atXQ7jwm9SM1ekDl8wzCBK2v3nwnVvZxy:uQ7jwK6kDl8wzCBnvgnVK","tlshash":"f543b409c5d8dbf45b7e2fbcd5a9d1c7ea333369a0712eda6752c8a0174928c712082f","first_seen":"2026-04-04T22:14:59.472328Z","last_seen":"2026-04-04T22:14:59.472328Z","times_seen":1,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/53090-a64743b05c92b22e.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/53090-a64743b05c92b22e.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FZ1b743O0i7pZch5WAC%2FCAXBRwHAFljofg0R3H2%2B6H%2FA4oqN%2BVYzs%2B1YiuEuHuW5RIxQzua0%2BQsDO9EvR7PZmLeU1VoNJTmO5tkr6Lou5BaH2%2FQdHl%2FH7V7OrRtKXg%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc7356bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15666,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15666), with no line terminators","md5":"15925877203605d5f2355beb36d57347","sha1":"17da103edacb7e181adbf9304938d039a200c1d7","sha256":"a986f72fb7dc330235296b864ba0f244f1126b2eff777b8a13ae36875dc96157","sha512":"ad516778c2e0dcaa482b03f5ab7a44fea87ce340ae85aba921277db245d9e6c5a49f70a27eeb99b6bef662c873647590edc83e75c63116c4e456045245b91568","ssdeep":"384:hC/SLOZgztFl6pfisYkxdZEAXtwdt4DvWmV9PvTLsb6r7/:Y/SCZ4Fl6pfisYyZEhdt4yIWbU/","tlshash":"0862c6e0d362fad8ed6785d5f12ea906b11f2f988b19c074f6b85c2053181c4ba27b9d","first_seen":"2025-10-16T04:05:32.826709Z","last_seen":"2026-04-08T04:44:39.444934Z","times_seen":5802,"resource_available":true,"data":null}},"time_used":147,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/api/extra/holiday","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /api/extra/holiday HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://herotox.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Xicxy6O85ukfbTZK1FhDJ0W046ZpbFnh2dj1MWFQA20Mk3NUGYlgsqRlKuSd0nmYcSm%2BObYDGWOgROwLuOeRgTn%2BWsxA3mKGsgLAlfn2uqZjNzLzo3w44nZgALvCA%3D%3D\"}]}\r\ncf-ray: 9e73aa8ff80a56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"64bd1ee4cca69558fca5317e81a2b469","sha1":"7be9c89474e4f8526395703aacc31165a48f6c7f","sha256":"5ec7611613d86543be443ebd6f2043ba9cb5379a9e39e7b37c8fa3d7e88278d5","sha512":"457194cab8d05978a245ca36617cb89d474ddeb0c1181e5d5e29f03a092c21fea68332e1e7bd23c01a2721aa304d67822888fe41d01b69f83da3eed5e149bc25","ssdeep":"","tlshash":"228000022a2008aac808228002382f0028a8222ba0002008e08ca008eaa2022308382b","first_seen":"2023-06-17T21:25:09Z","last_seen":"2026-04-08T04:44:39.448922Z","times_seen":5279,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/api/extra/promoIp","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /api/extra/promoIp HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://herotox.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: application/json\r\ncontent-length: 16\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JIzyxK32BBDgwoDd0HC8Ff6oErk%2FOWmHCg1x%2FKORM6a9LGwe%2FAqdAHaWXpz6Sx5wu39%2F0%2BdZOGeJOii%2FOiGrVs7BRKf4R3N1TFsqyFK0MjaodJ4gVLA82L4CCTZE%2Bw%3D%3D\"}]}\r\ncf-ray: 9e73aa91b9a156bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7363e85fe9edee6f053a4b319588c086","sha1":"a15e2127145548437173fc17f3e980e3f3dee2d0","sha256":"c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97","sha512":"a2fd24056e3ec2f1628f89eb2f1b36a9fc2437ae58d34190630fe065df2bbedaf9bd8aee5f8949a002070052ca68cc6c0167214dd55df289783cff682b808d85","ssdeep":"","tlshash":"f0600003000000a2c000220002382e202080002280000008800c20088a20000208300a","first_seen":"2023-04-05T04:17:27Z","last_seen":"2026-04-08T06:40:11.03108Z","times_seen":117004,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/css/2287dbaa9ed4643a.css","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/css/2287dbaa9ed4643a.css HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xaoPYDxwpbDnGODM65UnNHn0R6%2BTLFey7Ki2gQbOG%2BoHSkgkcyTr51YkYDCrMmXwhsPbwVGczTgYJd%2Bl2x%2FR%2BgRzRxRA3l6QpTxi0zI%2BsaVmOdhhX94LdMX4uPU8rg%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec5256bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":68384,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"98ad0c6777f8ccf4aa01fc683e5007dd","sha1":"654002432572de464fa66329bc99f4671877c2c3","sha256":"970330e30ae77e42745d2950c0546d9af280298a94158801b53a73aeeb19e37b","sha512":"1efeca8c2f13edf49a1dfa45e38f5c1467dddcc2a49bd64bdd2ce03900aef4d6469a22d9da4c47f49be86b199b4ed3eeeb306ee3545017ba6f4cd2baad614fd2","ssdeep":"1536:k6l7m41sxUZqCuFiDsyodWidBz9XMli9PozWNw9cXMomUgefzXu7z:9","tlshash":"d563b8715228f03cb9b7e81375905acf7168d507f67366eee560b83a80c76933a6238d","first_seen":"2026-04-01T08:42:58.2285Z","last_seen":"2026-04-08T04:44:39.465188Z","times_seen":349,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/global/twq.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /global/twq.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0K2xqWIE4WrCIv0S%2FD5fG5MLtTNMKaiFxlHi2jEkzHnnFxP0gZ7VWE47KEHrXW%2FuQgShAUu1cFwT1%2FJOc7%2FBDUXxhr2HFyUw2kMRHpbEJkFoIUWwvEQXZaAcWXUk9A%3D%3D\"}]}\r\ncf-ray: 9e73aa8c0c9a56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":308,"size_decoded":0,"mime_type":"application/javascript","magic":"CSV ASCII text","md5":"7f4d9e824f13f7d27acdc868f36f7208","sha1":"125a712d37aefe5d3e52ce2ae8986e109eb473de","sha256":"d6768cdba372d919e6d9322bf3cf3a0dfe427d86293aaf16f23d096028a00a1a","sha512":"d6395459961f34c3efc4c55ffa6bd873fbf20cf9aab17d31ec926d7ff645cfb9ae0cfea469b98e0604c5de162b60eb1bfc7b06a6fe91e3497f3a4fb32d29c20a","ssdeep":"","tlshash":"66e0e7f12d093d631fa11374117f931f3143210575595b91d59cd540376249f8037b8c","first_seen":"2025-03-19T10:41:28.935479Z","last_seen":"2026-04-08T04:44:39.442652Z","times_seen":9412,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/greenColorDSGN/mix/landing/bg/plinko.jpg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing/bg/plinko.jpg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T06:38:18.184888Z","times_seen":13493088,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/63712-08d55a4030f898f7.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/63712-08d55a4030f898f7.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BzNzO12yvyylO3eCJvpyocxMzGj54Okyj3m%2FVBsBpeFywDV1Qt8scFMForJvdwRHjJyzvK8QRICPbs2CW2nWJhEAACMCrgeeORCh7UgoaakU42sWWKNwGDoSM84JYA%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec6156bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22721,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (22721), with no line terminators","md5":"614fe7514839a09db165d48ad01da840","sha1":"e492263f454db98a8cc2c89c777e5572e854e343","sha256":"4974bda3ce7194ae592697daaccd424e6e8e231bf15187182bf4d16522e9bffb","sha512":"7eee15e6bce48c5b1adfc53ecfd7492109fa6272d866622f055b91ccc80e8bb4e9fdc350413cf4282d6b85b13fa72188cc51445cf6eafb6167d149ad45af1b8d","ssdeep":"384:RSHQzwzI46bFWDyhQ1qqo5W6m4WIQgn1fy4GaQANJVOPe4+snOcT34McbAmrh/2:/dZsunDqNs/AFD","tlshash":"1aa2b449b9d1f47453a3aa51843f440bf2674ea8a05db8d8d367c9e5adb888e4073f3c","first_seen":"2025-09-13T11:18:32.286663Z","last_seen":"2026-04-08T04:44:39.438431Z","times_seen":7559,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/css/10dffa892f034c33.css","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/css/10dffa892f034c33.css HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mO2gEola4zKMVNz%2BZA3fIZ%2BS0OwEC9%2FmIyHHf72e76gT7tSSkk0EiEOu8xkJ5e2bu0HKfHP5LINMws826RwVFIGP6DH86wJw%2BFjqQLj1IWYCHB%2FveHarNaKRh0PVlg%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec4f56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75727,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"9671df6705f8fee758ac2981344ba5f5","sha1":"86da3c722f1ac332bdef5c75ada11d767f8ed71d","sha256":"7bbb6929fd1cae33d53c60eb6650786d95d7761318bb58118872b3d9f7130717","sha512":"8837e2cfacfe141efec612dd817cf0a8ebdba69989d0fc559bc1db6697a6037b53b7b2d071e30fd98a35c3ca0056da2b60ea50bf7e879c4b7e7f154c6a9da395","ssdeep":"768:9FVoU9aT1kzyfVrIP//+dEt+PG+dpvG5c5P4Nenit5gad:9zr9u1kzyfV8n/+dEt+G+7ZnM","tlshash":"4e73a5374130613c76e7aa35ba98a9cd3076c882a73356edf556bd29c1c31a73a533c8","first_seen":"2026-03-07T05:32:19.783199Z","last_seen":"2026-04-08T04:44:39.452397Z","times_seen":527,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/global/fbq.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /global/fbq.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kr6WA8LyGHDSAkMeF8kHAyKpjQ%2BiAkPKlujCfQWKkWORLAGhWCY4cbDnjnO%2FVsUHTN7wH%2BZ%2F3QGCMkHQBXqWI1MLUfFCZMtANP%2FCPwfOeWdQ4e%2BZNCf4HfpBqVjfsA%3D%3D\"}]}\r\ncf-ray: 9e73aa8c0c9656bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":408,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"0b834c87557376668b3c3fde729a8db5","sha1":"872448d973ce02e75d52b31641d961601167d04c","sha256":"cc63b490224b081fc3bef6a696dc3ecbe7ea7bd45df00c8a53cfe304e7bd5469","sha512":"1c40528c95bf8c5d60ebf3dba6df8ca43390e5239ea50ef08705e547c48635a1f399f2f9d7207b4575822d2ce3dfd6e2b7ef7ee3b431255837cf2545ea5ed4c5","ssdeep":"","tlshash":"e7e0619f2c43b42733e97639c727a67b3763070178c2d919ba05c8151fe08966c96d9f","first_seen":"2025-03-19T10:41:28.92776Z","last_seen":"2026-04-08T04:44:39.468811Z","times_seen":9415,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/global/favicons/greenColorDSGN.svg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /global/favicons/greenColorDSGN.svg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: image/svg+xml; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9xzlAvtpC2E1BQUPBwR6pa9ls0MTiPyp6AfZOLkW5CU3aQl9jBFt%2FGUnX%2FiJSjr04uoHCtX2JIgYTgCkvbVoCWDuZL0pDINbBUTRh0b3GuEQdDnwEYopVR0DCup2kg%3D%3D\"}]}\r\nlast-modified: Sat, 04 Apr 2026 22:14:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\ncf-ray: 9e73aa8fe80356bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1468,"size_decoded":0,"mime_type":"image/svg+xml; charset=UTF-8","magic":"SVG Scalable Vector Graphics image","md5":"50679c0c5e3ed56d05c1d0ed312419a7","sha1":"f9ea27ac71a78da2d61e14b84ea77ce447920d9d","sha256":"c164e1ea36438d14fea9b88996d154275a4c92fd80bfa082c7e00a343f241147","sha512":"163d4097d60ecdcf58cd01ea828e74491b0e27fcf3d40a2e7c56e6c90042d6d9a9b6cb18825052caf8799836ad35a44c1c88ffd2c35ce5d888d23716c27dd0f4","ssdeep":"","tlshash":"a4312e9e77fea185f448e7f8023999b932d36cd33a04d8282bc00c02e98091e9c9588b","first_seen":"2025-09-26T11:40:39.971586Z","last_seen":"2026-04-08T04:44:39.447842Z","times_seen":5855,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/39801.084c1265ceab40f6.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/39801.084c1265ceab40f6.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:29 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=W%2FxG2bf4S%2FaFs6lha3Jd55NK8YGk6676GXJmGGCeShKhkHJu2wUhN6iFZpS4IBFQbAY4rRFHGykO%2BxFPTAe4M%2FZoO%2FZ7d9o4fuHJP%2FbLfFk4u33sOoGIqgvAUFEImQ%3D%3D\"}]}\r\ncf-ray: 9e73aa90182056bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":108722,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65270), with no line terminators","md5":"938a092ea2cdcaeae93ee6b6fd784f5d","sha1":"204510eb11b94c92302c6c311741622a1b09ed72","sha256":"7ed47e76a0f733ab1ebaf59b88ef5d3a6a671bf8c1af48ec74cd9cf01377fc7d","sha512":"e30fe668cf899f5e6aa789cbcd1cba95248be44ec02966e22bcb4cef06200e6d8c5fd243415b0d30cf697572bf5ea6b0d51a7142fa45ccdeac9678688efa8a48","ssdeep":"3072:pRrcfJstYNwTXVN16F+ZbBiliiyXnbAlHq:ostY5GAGbAQ","tlshash":"b9b3f80f420813f22f921202369f69deb72f515563668d6578edd03c234e9e9a23bbdd","first_seen":"2026-03-07T05:32:19.784979Z","last_seen":"2026-04-08T04:44:39.443898Z","times_seen":530,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/api/mammoth/auth/check","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /api/mammoth/auth/check HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://herotox.com/\r\ncontent-type: application/json\r\nauthorization: null\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:29 GMT\r\ncontent-type: application/json\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8WMifxSddJ3299ig8eODVFgSdwd4A14hC0x9A7S8EVfdadwJUrAeBi64wnVMLJCo7U3oH%2FouNI0w6V1GZQBH4IXLWdakvQ6f8z0F9%2BAdr5%2F%2BFYqA8%2FZJrxDAVHhRfg%3D%3D\"}]}\r\ncf-ray: 9e73aa9118ef56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"aced0d4c1bf7b416bd8757e86c69b12e","sha1":"242609e9dc75daa64e55af8d8254cdc02722ee92","sha256":"831690950d50aa783757553ff7dce0e549b2bf0c29fcc850ee8ef7a7f6bb54fa","sha512":"8c854561d71566fbd9d1e18c91f1bd391cbedf2b2e8b52d84205d4f773f36b14bfd5d3ca2cba9f5a300b8d96b025ab3eee5d5e3a19985e78386e04584e24d0b3","ssdeep":"","tlshash":"8d80040115000173f4001144113c1d115c54533745410014fc7cd0c4c7530d53043c17","first_seen":"2025-09-13T11:18:32.558363Z","last_seen":"2026-04-08T04:44:39.458663Z","times_seen":7317,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/34230-e87c8d35c9fa1ab6.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/34230-e87c8d35c9fa1ab6.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Djenh%2FgNjh22XWlK%2B41SJBqb8BFbEtVQcWwF4G1xYmntgKo6GyrclfYtAj%2Fzb73Uj8Zixdcx7MQREHKYzh4CdXUFei0b%2F2kCYNnCrgtWHdq9mhAUlAV5x%2Bs25pj2Hg%3D%3D\"}]}\r\ncf-ray: 9e73aa8bfc7e56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23047,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (23047), with no line terminators","md5":"9b4900ae7910372c39f90a4ebc702603","sha1":"9a24a588c269ce9c3f57345c32fc19f6681dbc0b","sha256":"09f6962b4e78defeacf0013f19bf739d5427801904333b19f9ab4cf541db3440","sha512":"4a02c00c407ec0eee649e22031775550a2e27fd675d23235783ec11d04efda2480a219e318fbba5739af05b0bd575f5d6d94a5a5dd2db29a03b891b9ba3069d4","ssdeep":"384:05ae/t9qDM109qxJ7aPk9RqKIyoIPzM73I/AKIJ1L/7E48z/08zXvnL5/Tz7qt5V:veVwDM10wxJMKIKIy6IzIj/9KcKN/POB","tlshash":"b5a272c9a390993d2583c53fc635b426e2bf09fa753e534062a9c63df909cc4e7365a8","first_seen":"2025-10-16T04:05:32.834372Z","last_seen":"2026-04-08T04:44:39.430621Z","times_seen":7493,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/(landing)/page-e7fe8e8ad23b29ea.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/app/(landing)/page-e7fe8e8ad23b29ea.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lY1joqDhC4c0pcB1su0i4%2FTxlFQNl3a7MMyXPech75yF5Txttr4doLZbqVi0oy6LHsX7ZLFuXGwzIGgf973110l5vCT8VMVokQqqdsHQ5mfuHNnJrhwprhuQ62lsGQ%3D%3D\"}]}\r\ncf-ray: 9e73aa8c0c8f56bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15195,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (15195), with no line terminators","md5":"28174b0bb3133185e1766201bfc0572a","sha1":"7432dd8fa09bb7cad29cec5ba4edd76a9d4e70a9","sha256":"a3b166f8ecffc3fb415187e2ae95e08bb0cc0e523b4111db92aa8fdf2873027b","sha512":"51d525ebdb1dad93f0cf15f77f8ece679054e7d6b3ca88f675fc645bc532a2354e759a4e0419fd5b95eb03659a3159e8f460e73b29dd8e0de44fc64c2ae9d8b8","ssdeep":"384:+Saddq55XGydqhFoSObqu7zYOJV56Jchz:+Sqk5WWWoSObqQJV5hhz","tlshash":"0662a741e254daacf45394adc32ea03d326f2599d65e8570f8fd9c3461094c8fb2bbac","first_seen":"2026-03-07T17:34:33.362129Z","last_seen":"2026-04-08T04:44:39.45741Z","times_seen":189,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/webpack-6209289b887f51dd.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/webpack-6209289b887f51dd.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zUMXbT7VIK%2B0gNJxrtuFlkjji7AfadMfW8b64GxSJ9wZ4NKWsykDdYrDJZ5pqIpfJUwwh6LU4nQJSkmoXTyIOIZ7%2BavyiMX3eY1Liqtn7c%2BaLffW4AM%2FoF4N9qZSrw%3D%3D\"}]}\r\ncf-ray: 9e73aa8bec5656bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26723,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (26723), with no line terminators","md5":"03d3306bbf7b7f334abe4763d979e9eb","sha1":"0b4180018d60d24eebd16915c25177a44c58a4d6","sha256":"dd5320fdddfc901e0964cd68d3bc649455c4b9190de6963aa556e7f714c4fac3","sha512":"146126b3aacbe737237e2450d0a5af272d8ad8420c2e17f451fa29b55051a4199c9af809cbac7dcc51120fd1d148d8e5c6b95a99052fd3bcc740f75e9088dfcf","ssdeep":"768:++ybMHFdgJVhQskYzZumragyk/TlZeCPuLhO7/outNOPUhMfcJJi:0bMlarpLVNragnZsCChODouWcMSJi","tlshash":"5cc23abdb31cecee3c3005c2ac5624f46914b1227c4648d171dae77a04b6c79a76afa6","first_seen":"2026-04-01T07:30:57.1816Z","last_seen":"2026-04-08T04:44:39.463582Z","times_seen":466,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/_next/static/chunks/app/global-error-2870bfd8a75981b3.js","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"172.67.192.204","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:28.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /_next/static/chunks/app/global-error-2870bfd8a75981b3.js HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 04 Apr 2026 22:14:28 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncast-mode: api\r\nvary: Origin, accept-encoding\r\ncontent-encoding: gzip\r\nlast-modified: Sat, 04 Apr 2026 22:14:28 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xfwXgj4t6px0PGYTpE5%2Fs2h7SiHPkCsBdFZOfyCS30ZLjotJ%2FzVPbJ6%2BjX6A157LQH1YLbR18%2B337VgdBijdFaPLK1het1ZQ%2ByyEs4quB1M85j46qyyZRQZU0Uvypg%3D%3D\"}]}\r\ncf-ray: 9e73aa8c0c9456bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":257,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"b9a1f9739cea566209a5d97cd6bbdf58","sha1":"23d3e0b04f270abae4738cd56edf40dcba207c94","sha256":"94bc684465b19b338426f3f47ee0f7e3f162dc01138340a20c4ab9bba9258120","sha512":"082430a5d2b35da80f04382cf4afd243fa7ae0ff20527605b3a62e183f53af51f96b7e8107985516c4834babd69fa7fb485b6e43def1c9b4d4347d54ae5fce94","ssdeep":"","tlshash":"8cd02bc51191bea874165aa955b4c835304510f7302ddcdee713ee2108a25a00351c0d","first_seen":"2026-03-07T05:32:19.751926Z","last_seen":"2026-04-08T04:44:39.46795Z","times_seen":676,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"herotox.com/greenColorDSGN/mix/landing/logo/plinko.svg","fqdn":"herotox.com","domain":"herotox.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://herotox.com/","date":"2026-04-04T22:14:29.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"herotox.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Mar 2026 15:16:12 GMT","end":"Fri, 26 Jun 2026 15:16:11 GMT"},"fingerprint":{"sha1":"F0:87:31:55:02:FE:9C:8B:B2:A2:0D:26:F2:56:04:38:7C:6F:8B:72","sha256":"9A:24:08:CA:E8:DC:13:16:A2:E0:7D:42:53:B1:CB:6B:EE:D6:D9:38:B0:63:E8:1F:58:C1:6E:7B:68:FE:DF:F0"}}},"request":{"raw":"GET /greenColorDSGN/mix/landing/logo/plinko.svg HTTP/1.1\r\nHost: herotox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://herotox.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-08T06:38:18.184888Z","times_seen":13493088,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-04","alert":"Phishing Block","trigger":"herotox.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-04","alert":"Sinkholed","trigger":"herotox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}