urlscan.io logo urlscan.io
SecurityTrails logo

hegov.xyz Open in urlscan Pro
172.67.129.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hegov.xyz/
Effective URL: https://hegov.xyz/
Submission Tags: shiny c290acadafe6362a fc6b18fd85158e2b bfst honeypoter@gmail.com Search All
Submission: On June 16 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 41 HTTP transactions. The main IP is 172.67.129.195, located in United States and belongs to CLOUDFLARENET, US. The main domain is hegov.xyz.
TLS certificate: Issued by WE1 on June 6th 2024. Valid for: 3 months.
This is the only time hegov.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    172.67.129.195 (United States)

ASN13335 (CLOUDFLARENET, US)
hegov.xyz
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
22    142.251.42.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.206.194 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f2.1e100.net
googleads.g.doubleclick.net
2    2404:6800:4004:80f::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2404:6800:400a:80e::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2404:6800:4004:81f::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.250.198.4 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
24 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
1 MB
8 hegov.xyz
hegov.xyz
416 KB
2 gstatic.com
fonts.gstatic.com
122 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
1 google.com
www.google.com — Cisco Umbrella Rank: 5
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 814
31 KB
41 7
Domain Requested by
22 pagead2.googlesyndication.com hegov.xyz
pagead2.googlesyndication.com
8 hegov.xyz hegov.xyz
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com hegov.xyz
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 code.jquery.com hegov.xyz
41 8

This site contains no links.

Subject Issuer Validity Valid
hegov.xyz
WE1		 2024-06-06 -
2024-09-04		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://hegov.xyz/
Frame ID: C0A5584235F43627F6A5669E57A7C062
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Frame ID: C7AD24FD07E58F919F3A598155FECBEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3469766581568321&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718497172&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhegov.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=29_18&aiixl=29_5&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1718497171998&bpp=7&bdt=152&idt=333&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7969402564071&frm=20&pv=2&ga_vid=2074072666.1718497172&ga_sid=1718497172&ga_hid=882748268&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95334509%2C95334524%2C95334570%2C95334820%2C95334054%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2021629050045198&tmod=1684354484&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=362
Frame ID: 259D8C6AEB8E6F4D91308265BE33A0BA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 685651A54880F2C5BEBAF0C3082CB279
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 59DC6C37932E519D2681AF552B42FC97
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Outils Web en ligne

Page URL History Show full URLs

  1. http://hegov.xyz/ HTTP 307
    https://hegov.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

98 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

1760 kB
Transfer

4595 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hegov.xyz/ HTTP 307
    https://hegov.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hegov.xyz/
Redirect Chain
  • http://hegov.xyz/
  • https://hegov.xyz/
115 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc48912d86fde33ae3c62d1da5a5bce3b4b69956514ad1ee2af58fd3f7e92fe7

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8946a0f829328a78-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Jun 2024 00:19:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VlbfSi4lZtC1TJZxMBtLf4ZVtpoHLT5r7p8LYsxuwU8lV0L2WZDkC7KOIcXoDUhhFgfpDLar7OIeBcHaSmbKboiTT297XbC1F4rbJczzb1UQxhnFbjQsra7yiGc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://hegov.xyz/
Non-Authoritative-Reason
HttpsUpgrades
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4353362
x-cache
HIT, HIT
content-length
30957
x-served-by
cache-lga13629-LGA, cache-nrt-rjtf7700036-NRT
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1718497172.871136,VS0,VE0
etag
W/"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 467286
app.css
hegov.xyz/css/ 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hegov.xyz/css/app.css
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d526086847e9b1326a96d821a9fe40f5aeccbfa3257cd9c8c5632c250ee01f94

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 07 Jun 2024 08:36:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6662c696-2617d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BzO0PaKSeFRJbZzYDjkPygCQC%2BznyxlBekYKZPHh10y7vlaxqAIa6UKFSVw20TtvRVPakdnnuTWUjwK6xfR6Rf6vJ4joV0JO3PV94ve0qhptT8mBkNkrmG6heEY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
8946a0fc1f928a78-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.js
hegov.xyz/js/ 		167 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hegov.xyz/js/app.js
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037fff487052ce411c89aaf2fb94919370f1d2b153195b75aed35543c726d638

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 07 Jun 2024 08:36:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6662c696-29abb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qyn1C5mlvnZ9syuxrUUaVNzLOt3RY2azJBx9yz%2Ffvy2xaju9Y8pG5OCr%2BIqUyLRK1BxeGzWrNdJdvAmvqY%2FOfqoFjyj87u3%2BqTRV9KBUJzcMG2Wk%2FiQuqQcB4rc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8946a0fc4fd38a78-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.css
hegov.xyz/ 		731 B
702 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hegov.xyz/custom.css
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
316f89472f7d32157439f35b924683904a0053853f9b5ae9a0584690be8dd588

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 07 Jun 2024 08:36:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6662c696-2db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WklY5b2d7tO6mUTHI6N57uNSD6eM9hCjnfuZOu8VgpQz6ADM0E3%2FtrhALRD75VwLMYLPix3RRpLO9Upm1bCFVF0ZGh3jfPePaEGh2flRbKvzMvoqk52JcY6VEAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
8946a0fc1f958a78-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3469766581568321
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
be51e71925515ed3270ff3593d30de9abd635ba55ebec8c8778ab1c60101fca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53138
x-xss-protection
0
server
cafe
etag
2186915254370643078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9344569466867836
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
1a9911539d01355e68af30215f138e67faffcb621e62116e06dc0ef74a3e0d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52017
x-xss-protection
0
server
cafe
etag
1897657986319152638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3591154491513506
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
d7bfef70f30a64bdcd093092ad25010a2892af73db20384c1365e78823ad152b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52016
x-xss-protection
0
server
cafe
etag
9182734652392263019
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8065172647673529
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e13df66556e9fe0fb4b0e32cc90e0c04462eac36416140c4d66e080583daa656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53137
x-xss-protection
0
server
cafe
etag
7921008413368195161
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2495305840500809
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e4498f3f01de12b7c3aa78496891d2f450662fb37601f9afa6e4a204f339a123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53136
x-xss-protection
0
server
cafe
etag
15830614524897773454
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4199964637868261
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
3fcd9008058b6f957cf48e06942b60bad7a8c40be808d43059e9b36896e68f55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52019
x-xss-protection
0
server
cafe
etag
9370426995470464920
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6518672864437245
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
31bcaffec7812b2ad70d604980503258d9f34d4154dc5ab3268ca56e3ff5159f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53135
x-xss-protection
0
server
cafe
etag
17558374478485830345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4784278606260777
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
0e79927257bdad8bb89b5596e0e0eb3ec8fae8e5cbe7b2f681db01f18af7f3ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53135
x-xss-protection
0
server
cafe
etag
697408552624928484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2269916319097079
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
b55c2d55abfc4961d21b5282b435d1bb0097722d296f77f03a5cc102e75e5897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53136
x-xss-protection
0
server
cafe
etag
290624855463512164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9410056216643091
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
575d817a25ae5e28ba7b8ef49fc808d0ab62c869e5bef60096ba952a3a6a97a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52017
x-xss-protection
0
server
cafe
etag
4914444328887372163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2603170688350683
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
ef08b4bfd6f7667322844f40cf46bf7e8f1ea4e0e8eb0d58d3cdc291242461f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53136
x-xss-protection
0
server
cafe
etag
4311880347240691833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6061254461262926
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
fd253948fce7364a089cd919900d04a69cc675e0d5efe8095320e946506bb75a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52018
x-xss-protection
0
server
cafe
etag
15244779547897089476
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5281286432275699
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
182643d1befb41fecb5a192820e88c8856b9114a5ae5deeb80228908f64d20cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53136
x-xss-protection
0
server
cafe
etag
131130122845294521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5532841653040338
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
91d366fb7412a60dad2213af9b399a6e4f587ce345f86016d055a043f5ed6252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52020
x-xss-protection
0
server
cafe
etag
1260930210893618714
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9663664690558039
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
2c989e9b74bd2769ab6d5178b7891dae3e322c8370d6850f395345c3087ff7ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52021
x-xss-protection
0
server
cafe
etag
5374736268359309043
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1545254490038418
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
6ed11969d44f21ce0242742f249565c3aeb832089798189b0e586f5b28fad848
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52022
x-xss-protection
0
server
cafe
etag
11115732874168504522
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1704802101883510
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
b52c090616a1f01a9a118ba6008680bedff4953dd76a01f83796da176fd94e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53136
x-xss-protection
0
server
cafe
etag
17183690712993623550
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1866374394910649
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
239e3d70eccae9b090c4ea9c7211261f611afa4ac31232166102cc5d33357bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52017
x-xss-protection
0
server
cafe
etag
13343368844072050073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5959533352154162
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
acddbd6252dde592c71b7b492ae29b7fcd923d3c3d56b388461a8107ef58deaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53135
x-xss-protection
0
server
cafe
etag
9076679917843581726
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8448097650998813
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
d7e0e5ececce69eda42b89f6dd29e4c633334d6d145315498bc98b8a49eae2db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hegov.xyz/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52019
x-xss-protection
0
server
cafe
etag
14522676170891678507
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:19:32 GMT
logo.png
hegov.xyz/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hegov.xyz/images/logo.png
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ba7669132299a55135cd195d13ec4345eff1231d668d2d51987628e769751a

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Jun 2024 16:08:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6663307a-276b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g02hdQ2nlQug20DCFQkPCV7TIAvAd4qbPTOUm0BweeTMDvq3TyRk0t%2Bx7eDjDQPl40oJvcbWLr2qby2tctLwjuRUpBIFlV0ancn9h4hrLaGFz%2BwOtGt1ibxnQfE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8946a0fc4fd78a78-NRT
alt-svc
h3=":443"; ma=86400
content-length
10091
expires
Thu, 31 Dec 2037 23:55:55 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/ 		426 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3591154491513506
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
d19b0a78c3687a40e6418ef9e430a9dbdd34207276a1e7b78e4777d976026daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147252
x-xss-protection
0
server
cafe
etag
13372032145084374820
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 16 Jun 2024 00:19:32 GMT
header-bg.jpg
hegov.xyz/images/ 		292 KB
293 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hegov.xyz/images/header-bg.jpg
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c5d80b8808bb9929b10b293f9d003b951c025322776f956623e49d92b80073d

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:33 GMT
cf-cache-status
MISS
last-modified
Fri, 07 Jun 2024 08:36:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6662c697-4903b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UWAis3UnnAA1UEYl63OlqJTPZHatQnzhxaNDLhTO04RDI%2Bd%2F%2BgcXEEVJIeR7YKFsGjrAeVWLmExbwtDxiyIgjm9nhN0qwodNvoTjREYTBFkH9Nk2buYMhF6Xv68%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8946a0fd08f78a78-NRT
alt-svc
h3=":443"; ma=86400
content-length
299067
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie-consent.js
hegov.xyz/vendor/cookie-consent/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hegov.xyz/vendor/cookie-consent/js/cookie-consent.js
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a916db0dac1b2cd27e213f32e34624b4afd145d0833c624f2aa7d4920c10c0d

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 07 Jun 2024 08:36:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6662c697-3017"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cz7ez1STl4TZrVpLTCkLofaDn%2F0IRwtQx0hLZzbZh8b8bDFRWiWRjpCE2MTSbeMORN7htbOPAwjIMKS1UCUbM%2BjwiYRhM%2FBecdJ8%2B026OhxE50QvLrPj6FONRuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8946a0fedb848a78-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240612/r20110914/ Frame C7AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

age
19025
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jun 2024 19:02:27 GMT
etag
16861080603521627538
expires
Sat, 29 Jun 2024 19:02:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 259D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3469766581568321&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718497172&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhegov.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=29_18&aiixl=29_5&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1718497171998&bpp=7&bdt=152&idt=333&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7969402564071&frm=20&pv=2&ga_vid=2074072666.1718497172&ga_sid=1718497172&ga_hid=882748268&ga_fc=0&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95334509%2C95334524%2C95334570%2C95334820%2C95334054%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2021629050045198&tmod=1684354484&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=362
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jun 2024 00:19:32 GMT
expires
Sun, 16 Jun 2024 00:19:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ 		17 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,300;8..144,400;8..144,500;8..144,600;8..144,700&display=swap
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99ceb9faac586486a8d2aca1191bff94c7d215e5dcfd343f9a373a84f0d25c45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 16 Jun 2024 00:19:32 GMT
css2
fonts.googleapis.com/ 		7 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,500;0,600;0,700;1,400&display=swap
Requested by
Host: hegov.xyz
URL: https://hegov.xyz/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df7fdae060aae1a02d2cd41ff3ae3864a8b1e41f999e3f2b09490c26646df1ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sun, 16 Jun 2024 00:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 16 Jun 2024 00:19:32 GMT
NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3...
fonts.gstatic.com/s/robotoflex/v26/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoflex/v26/NaNNepOXO_NexZs0b5QrzlOHb8wCikXpYqmZsWI-__OGbt8jZktqc2V3Zs0KvDLdBP8SBZtOs2IifRuUZQMsPJtUsR4DEK6cULNeUx9XgTnH37Ha_FIAp4Fm0PP1hw45DntW2x0wZGzhPmr1YNMYKYn9_1IQXGwJAiUJVUMdN5YUW4O8HtSoXjC79QRyaLshNDUf3e0O-gn5rrZCu20YNau4OPFu02G5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Flex:opsz,wght@8..144,300;8..144,400;8..144,500;8..144,600;8..144,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a346cc70d692774c0924265c31a9eb4a6f2e9e6e773703dc3fda4e82cce32e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 13 Jun 2024 10:40:12 GMT
x-content-type-options
nosniff
age
221960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84524
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 18:34:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 10:40:12 GMT
XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v26/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaBTMnFcQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,500;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hegov.xyz
Accept-Language
ja-JP,ja;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 13 Jun 2024 13:40:05 GMT
x-content-type-options
nosniff
age
211167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39188
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 13:40:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240612&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
ccd612a33b4c73ba9ca177881f4d91eed5c29aea18aba4c64a160a16b4e5e08e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12417
x-xss-protection
0
favicon.ico
hegov.xyz/ 		21 KB
21 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hegov.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.129.195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d52dedca3f54e382daa1445175102d7725ba74a41e048e0feb5012353e21cf

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 07 Jun 2024 16:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66633068-53ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7zua9udi4FLwsbXZkTd8fUNTKkX8149rcmdTVtmUzwIz1GNO4pHctujOJNQA8xw1zFdSk%2FV9OfqfuXZc0tY0KUnxt%2BQ92ngsWtOzvOLnc7lIvuvfQkJeV3j2zIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cf-ray
8946a108bf7f8a78-NRT
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 16 Jun 2024 00:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jun 2024 00:19:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6856 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
age
29481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jun 2024 16:08:13 GMT
expires
Sun, 15 Jun 2025 16:08:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 59DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-T4AxmaUoGCPfMC9r7XLw7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
ja-JP,ja;q=0.9;q=0.9
Referer
https://hegov.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-T4AxmaUoGCPfMC9r7XLw7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jun 2024 00:19:34 GMT
expires
Sun, 16 Jun 2024 00:19:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240612&jk=2021629050045198&bg=!Z2SlZCvNAAb64txl2uI7ADQBe5WfOOhXxHU75WtkH8NSsSrEmTmh39lVYXLk7bJw7_NIpc7ZnijsVCIyGPeyB4OQN_LxAgAAADdSAAAADGgBB34ANI0te8gkwE8ZSuDZgcyk4KGWbhIQj5umExiYmca3oNSqBxQlvGsdbe2yem4jVD8mnt163OAKAL4f30T4wfdfQe44Gc60EwcPGAxhA4WpZvh7HD3-v5yGHiQ2FKnbwhcAcLLXvSHS6VIx26N88G2AULHhHVvvE3hj24QNq1azf3atQUBx8EB4r-C4HN9fiPbRaDA2jSCCxYYmCmLF1k2K4SuNL-qXKUvESV_zbKqLBx6Bj-baIHDDTy3T0OLue6m87aklimLSaYDX0520kJ0b9pYZSTBNUd40OrJjxHl600bcFOhyWwZ8wKn6QuPA1etS0pEDJcmFmQKFhGGNk-rvsFHeHrO4kS9w63bQnuRoyEHSLyVuJnzROtwFKFTlORKiRmOuA7L0we_KCgu0k0fL4PNI5jpg-LuhVAriF13w0uDk2343KpFJwm72s19rFXaWWqlzNlWgs5GbqNxEI-0NCWE66pJ_OxRRu7LFe9zTveViZSpYmVFk_mrCkDUbq1VLMcACn3PUWcK3j5VDz3ooZJr_Udtz8lJLRVtsn8XicrhnfxZNcQ6IB9QDhRb91WR7bkckieQvkmB25cDcd6iwenFFjWbP8Jd4I4VHHGhmqPG7_kmwUH9vfqk45uzhxVj4R7S3sVKQ6o7v5LaG3Hs9YdKLYMWwZemqvUBjcOxZz4PkrrB4G4fCqOdH0_LBOhDzF3-hVIYxaxxunR35cws8I3aZGj_epbWzJTCYUWD29BZU9LcLo5cVEbbWqJ_8Qu-GSM-zy5EB4utCxyRS1teLKA-j2Ata7peUEmysO2tNh5IV2qXkV036Z4VkyKHtCj1yIUIsIEsGLH4jxUXR72t7WePhHcq2BhxIDuP1Qt6WcCfheUgrtW5U20TKjICSfqsezn4z6OZSossfPU_-b-pmwd-FYOWeAiLYLmILb85b_Dxxkod7OkQQIJf75nf2PdjklUkwBOgsHacSxqF76Rq8GffNssfHTgj70mQyj-yVBFk2NX8YM8j5HHc1wUNzfzDtkWGO_Zi79Po_LTuJmWP7cgf9J-rXL-IDgVr-16Ti23hu4fC9U42FLpcvDfbmDTjPz6KiR5mrfleUPK_wyBYU_5nVLoE5-410K8k3UA07YYi9PY7FkWzqqKBOSIPY54JR8fnOHoxM80iu8Khxbz4OP5lOj7bEB82i_jpqQ5l1

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| webpackChunk object| Pace object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
hegov.xyz/ Name: XSRF-TOKEN
Value: eyJpdiI6ImdPa1VEZzdjOTVScDk3Y04wdDQybmc9PSIsInZhbHVlIjoidldVUFN0Q0k1a0dmVWw2NHFZZTY0T1M3aEM4THhjcGFKd1pLYWU3TVhJSEszS2NibHRjMllZR2VLVTgrdnkydnRaa0pJcXBrWUl2MWEzNk5EWkVvK0lnWHZMSmo1R25sTnFPQlZyci8zOW9nOHFNWFo4aEVhQ29MUTlKSG9LeGgiLCJtYWMiOiI4OTNkZjM2YjM2MWJmNmMxNmYxMWZjNzA5N2U2MDA3YTU2ZmE0MTVlN2MwYjEwNmQ3NTZiZDg2NDIwNzk3ZDA1IiwidGFnIjoiIn0%3D
hegov.xyz/ Name: webtools_session
Value: eyJpdiI6IjdpNFIxOHpuQ3pIellGT0c3TTVQUXc9PSIsInZhbHVlIjoiV25TRDFhQ3pFclpIRE1HalRyVzlaNTJSakdaNlRBUXdFNGU4QXVKK0JKSWpNazFFQ1RnUTZkL3lReE93RE5ZNGYvVWZuNVhPcndjdVJsTGp0d2owWkpqdFZWR2JpL3hrVXlpNU9weWltaUo3Z3E5c2tydFAxaU43eEJpUWJ2cXIiLCJtYWMiOiJjZjYxOGU0OTY1OWE2ZmU2ZTFhYTM2MDU2MWZkYzlkMjdjNDI4OGU4NzU0ODU2NTI4MzkwYzM2OTBhMWEwZGViIiwidGFnIjoiIn0%3D
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hegov.xyz
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
142.250.198.4
142.250.206.194
142.251.42.194
172.67.129.195
2404:6800:4004:80f::200a
2404:6800:4004:81f::2001
2404:6800:400a:80e::2003
2a04:4e42::649
037fff487052ce411c89aaf2fb94919370f1d2b153195b75aed35543c726d638
0e79927257bdad8bb89b5596e0e0eb3ec8fae8e5cbe7b2f681db01f18af7f3ee
182643d1befb41fecb5a192820e88c8856b9114a5ae5deeb80228908f64d20cc
1a9911539d01355e68af30215f138e67faffcb621e62116e06dc0ef74a3e0d61
1c5d80b8808bb9929b10b293f9d003b951c025322776f956623e49d92b80073d
239e3d70eccae9b090c4ea9c7211261f611afa4ac31232166102cc5d33357bfd
2c989e9b74bd2769ab6d5178b7891dae3e322c8370d6850f395345c3087ff7ec
316f89472f7d32157439f35b924683904a0053853f9b5ae9a0584690be8dd588
31bcaffec7812b2ad70d604980503258d9f34d4154dc5ab3268ca56e3ff5159f
3a346cc70d692774c0924265c31a9eb4a6f2e9e6e773703dc3fda4e82cce32e6
3a916db0dac1b2cd27e213f32e34624b4afd145d0833c624f2aa7d4920c10c0d
3fcd9008058b6f957cf48e06942b60bad7a8c40be808d43059e9b36896e68f55
575d817a25ae5e28ba7b8ef49fc808d0ab62c869e5bef60096ba952a3a6a97a6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67ba7669132299a55135cd195d13ec4345eff1231d668d2d51987628e769751a
6ed11969d44f21ce0242742f249565c3aeb832089798189b0e586f5b28fad848
91d366fb7412a60dad2213af9b399a6e4f587ce345f86016d055a043f5ed6252
99ceb9faac586486a8d2aca1191bff94c7d215e5dcfd343f9a373a84f0d25c45
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
acddbd6252dde592c71b7b492ae29b7fcd923d3c3d56b388461a8107ef58deaa
b52c090616a1f01a9a118ba6008680bedff4953dd76a01f83796da176fd94e25
b55c2d55abfc4961d21b5282b435d1bb0097722d296f77f03a5cc102e75e5897
bc48912d86fde33ae3c62d1da5a5bce3b4b69956514ad1ee2af58fd3f7e92fe7
be51e71925515ed3270ff3593d30de9abd635ba55ebec8c8778ab1c60101fca6
ccd612a33b4c73ba9ca177881f4d91eed5c29aea18aba4c64a160a16b4e5e08e
d19b0a78c3687a40e6418ef9e430a9dbdd34207276a1e7b78e4777d976026daf
d526086847e9b1326a96d821a9fe40f5aeccbfa3257cd9c8c5632c250ee01f94
d7bfef70f30a64bdcd093092ad25010a2892af73db20384c1365e78823ad152b
d7e0e5ececce69eda42b89f6dd29e4c633334d6d145315498bc98b8a49eae2db
dd1d87a3e43058c21090e00341b2ccce34653e9ca3e67c33e4ad7ac9ab6bc883
df7fdae060aae1a02d2cd41ff3ae3864a8b1e41f999e3f2b09490c26646df1ff
e13df66556e9fe0fb4b0e32cc90e0c04462eac36416140c4d66e080583daa656
e4498f3f01de12b7c3aa78496891d2f450662fb37601f9afa6e4a204f339a123
ef08b4bfd6f7667322844f40cf46bf7e8f1ea4e0e8eb0d58d3cdc291242461f9
f4d52dedca3f54e382daa1445175102d7725ba74a41e048e0feb5012353e21cf
fd253948fce7364a089cd919900d04a69cc675e0d5efe8095320e946506bb75a