Report - exponenta-bc.com/wp-admin/index.php

Report Overview

Submitted URL
exponenta-bc.com/wp-admin/index.php
IP
192.185.143.10
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-02-04 05:31:08
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
6
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
maps.gstatic.com	unknown	2016-01-11T17:55:17Z	2023-03-13T08:06:07Z	390 B	228 kB	142.250.74.3
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-13T06:17:54Z	394 B	55 kB	151.101.65.229
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	95.101.11.115
exponenta-bc.com	unknown	2017-01-18T17:43:11Z	2023-01-23T16:30:02Z	366 B	458 B	192.185.143.10
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	4.8 kB	9.8 kB	142.250.74.163
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	390 B	45 kB	142.250.74.168
maps.google.com	1899	2012-09-11T01:07:43Z	2023-03-13T08:54:47Z	521 B	464 B	142.250.74.46
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	368 B	1.9 kB	104.18.21.226
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	446 B	8.3 kB	216.58.207.202
va.tawk.to	8297	2017-01-30T05:20:46Z	2023-03-13T05:52:59Z	502 B	551 B	104.22.25.131
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.210.191.84
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.5 kB	48 kB	216.58.207.227
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.2 kB	93.184.220.29
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	525 B	2.1 kB	142.250.74.164
embed.tawk.to	8650	2014-03-19T22:03:49Z	2023-03-13T08:30:57Z	6.3 kB	130 kB	104.22.25.131
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
www.exponenta-bc.com	unknown	2019-08-11T05:54:39Z	2022-07-09T11:09:23Z	18 kB	1.7 MB	192.185.143.10
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	74 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	2.2 kB	32 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-04 05:31:34	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 05:31:34	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 05:31:36	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 05:31:36	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 05:31:36	medium	Client IP	Internal IP	ET DNS Query for .to TLD
2023-02-04 05:31:36	medium	Client IP	Internal IP	ET DNS Query for .to TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	exponenta-bc.com/wp-admin/index.php	Phishing
2023-02-04	medium	www.exponenta-bc.com/404/	Phishing
2023-02-04	medium	www.exponenta-bc.com/	Phishing
2023-02-04	medium	www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Montserrat/montserrat-extralight.woff2	Phishing
2023-02-04	medium	www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_Executive-Suite.jpeg	Phishing
2023-02-04	medium	www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_CO-WORKING-FLEXI-DESK-OFFICE-1170x575.jpeg	Phishing
2023-02-04	medium	www.exponenta-bc.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4	Phishing
2023-02-04	medium	www.exponenta-bc.com/wp-content/uploads/2020/01/bg_contact1.jpg?id=1812	Phishing
2023-02-04	medium	www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Wcmanonegra/wcmanonegrabta-webfont.woff2	Phishing
2023-02-04	medium	www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Wcmanonegra/wcmanonegraboldbta-webfont.woff2	Phishing
2023-02-04	medium	www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Montserrat/montserrat-semibold.woff2	Phishing
2023-02-04	medium	www.exponenta-bc.com/wp-content/cache/autoptimize/js/autoptimize_cdab3988059b4e637518cdfc985a4e80.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (65)

	URL	Size	First Seen	Last Seen
	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js	121 B	2023-03-07	2024-04-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-26 08:36:19 Times Seen45931 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	www.exponenta-bc.com/	1.1 kB	2023-03-07	2024-04-26
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-26 04:32:53 Times Seen3317 Hash b36955bf11fd2b943745960d036901e5 d9b5403fee4ae8ec7ad7a3cc6ed747bb62aacf6e 5f82f0ebcd0edef1c37dcba00935d90b65c18d2b0834fce752efe5960e532de3 Loading...

	www.exponenta-bc.com/	1.8 kB	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:28 Last Seen2023-03-13 16:25:28 Times Seen1 Hash d8efb83ebc1ce0462bf50539bbaa4800 fc38aab61f4d33c1189a036464756bb36d4344bd 226be7c08ab80c39987ca367a5a7bc618032254088d171f28c298612bebd4fe9 Loading...

	www.exponenta-bc.com/	862 B	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:28 Last Seen2023-03-13 16:25:28 Times Seen1 Hash b07cb5f66ba3eb6ee1c9050081db0170 646b08ad904d337d0b2cb3bb016edab02dd113dc 1e73293a5cf655ea49618f3207b2cd4bb4929db05d2384a7d679fccba788ed82 Loading...

	www.exponenta-bc.com/	347 B	2023-03-08	2023-12-07
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:19:10 Last Seen2023-12-07 09:09:25 Times Seen47 Hash 0aefea6e15e2bbbb68332763e2d39622 086ad20e570f693cf5ddf6882904942b38e50e99 5ea8e493874227629d64a54d2a86d2769dc173dbbb7036632da8fb341065578d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d25.00212449217491&2d54.6269081846923&2m2&1d25.38734609220345&2d55.94411752672537&2u12&4sen-US&5e0&6sm%40632000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._6eo5jl&client=google-maps-embed&token=86849	35 kB	2023-03-13	2023-03-13
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d25.00212449217491&2d54.6269081846923&2m2&1d25.38734609220345&2d55.94411752672537&2u12&4sen-US&5e0&6sm%40632000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._6eo5jl&client=google-maps-embed&token=86849 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:28 Last Seen2023-03-13 16:25:28 Times Seen1 Hash ab19a1a8c1b479dfd7bf4660acb9c9e8 c507e83b74ca9e0d10a0e038b630ed0f7791d4e8 ebd1d6ffb6ea57577231432fd252cae6932187a90e1ba7eab0ebb3aff6480d52 Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d25.04586739812929&2d55.12546304784338&2m2&1d25.338635833024465&2d55.44656391192197&2u9&4sen-US&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._a53i5g&client=google-maps-embed&token=111326	8.3 kB	2023-03-13	2023-03-13
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d25.04586739812929&2d55.12546304784338&2m2&1d25.338635833024465&2d55.44656391192197&2u9&4sen-US&5e2&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._a53i5g&client=google-maps-embed&token=111326 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:28 Last Seen2023-03-13 16:25:28 Times Seen1 Hash dc994afff05047930b6a8b700e44e6c6 8ed7be34c135d727f9f127d938077c7435650eab 0fabd46adeeb6db02546beec2e06b430358c4e09a7d4fd27457c213b6d22da80 Loading...

	www.exponenta-bc.com/	2.1 kB	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:28 Last Seen2023-03-13 16:25:28 Times Seen1 Hash 13317196b73001c747e490abca825d5c 3907f9addcef5b8450f207d4cfd079986f7b8eb3 78cf1210933473688b23b8642edff4a73f837b2752260a742ec1a3b774c514de Loading...

	www.exponenta-bc.com/	358 B	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:28 Last Seen2023-03-13 16:25:28 Times Seen1 Hash 2034af9ea985ebfc95fb2a0fd2fd03f5 cb915fd2abbf3eefa2f39e538631cec21744a1c2 d6498fae4c94e5602f1da0f2ae1ec6c4bca3201deee937940127f2cc92257261 Loading...

	www.exponenta-bc.com/	2.2 kB	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 84ac503abb994d30849a6ef5ca8ef067 1bd94b841ec10f67be34c15bd48d46a6177a7aaa e507928488713c83256cca1956413b93e5c096d51d07cfe7748fd84b4aa5fe4e Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/8/overlay.js	3.6 kB	2023-03-13	2023-03-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/8/overlay.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:22:50 Last Seen2023-03-14 11:08:34 Times Seen1 Hash aac5a68c445eb65cf6fd5abc95af5c9f 3ccd961caa90825f8ba8ba9269976d3d17b8e0fb 39e5fddc0c82d6c3de1f5465f6d42ac46720aa2975040067aad0b51e7c6ef6f4 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js	10 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen44 Hash 058710526a0979b9e77a4babe9adfcd7 a29fdce1689d187f11c89a9ee598141f56e07e06 3418417801acc364fae9a8675f8292b2ae09cf39fe35de90a981e69e49e6e24c Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2c78ba82.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sExponenta-BC!5e0!6i12	3.2 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sExponenta-BC!5e0!6i12 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 0f8b660939c2aec792fcace42f11e7b1 7ccfa002ba50556d0f4dfb8d06174316cbdb0c0c c8b5c23a267fb01b7dd4038c5fdd47abe99cbfdf252f3bb4b006ba8cbdfc0319 Loading...

	maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad	173 kB	2023-03-13	2023-03-13
Pretty URL maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:15:50 Last Seen2023-03-13 16:49:13 Times Seen1 Hash 52f4cd89fb2474b65e35a495967d8ae0 5e34d7fb079048e7dad2bd314efd4609bd159806 83f8df7ac8c9aaa3f7367c3decd5507e346c056eccddbcfc445f7c2f7245eb42 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js	151 B	2023-03-07	2024-04-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-26 08:36:19 Times Seen46611 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	www.exponenta-bc.com/	763 B	2023-03-07	2024-04-26
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-26 04:32:54 Times Seen1669 Hash c291ddfafe8b815d28e02482f1251b5e 4501ffc2d31f0231d4eee4aad85578597c753ce7 371ffe791a9a08bddf8a965e60dbe84e817edd8cb480f731d05e791eff5b35af Loading...

	maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=109283	62 B	2023-03-08	2023-08-17
Pretty URL maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&8b0&callback=_xdc_._uxcir0&client=google-maps-embed&token=109283 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:25:00 Last Seen2023-08-17 14:45:14 Times Seen1761 Hash ac206f9aca43cbd08f77ebff219bad68 a8f70e30f06a72933f89c350b8fcc8e77280ff5d 5da1360295132675024820ab37f9bc1c658f6b900180906ec44125f8127f762e Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js	196 kB	2023-03-12	2023-11-18
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-11-18 22:03:40 Times Seen90 Hash 385105148a50079bafff97e9c9476109 558ea15aa711b8f2501237fa286ec104db90fbf2 e76be61057b7d805440ba2693d2c357f9a828fa8bda74170b9ac70b58af626d7 Loading...

	www.exponenta-bc.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4	99 kB	2023-03-07	2024-04-25
Pretty URL www.exponenta-bc.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 17:08:21 Times Seen3540 Hash 5090bae2c114802440412e301bdf5174 3850afd52816ee686eccd881df06764b426cd86a d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3 Loading...

	www.exponenta-bc.com/	282 B	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 899db9ea2c3f7c9a3c3aab542a8d10f9 ff36d2f5ee53776101f1ed29826e5e291aa8d652 5f403f4db81574cbc88275452754d13567ceeb6a96748a6603578879b8268552 Loading...

	www.exponenta-bc.com/	1.0 kB	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 4fc62053b8eab93455aa1dc7a8b29d22 3705373374eac062f087db0281eb4e16ab21ce94 9369e6d22e236f0fef602376325fcf31b7564745447604ec801bb4facfdcabc9 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/8/map.js	77 kB	2023-03-13	2023-03-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/8/map.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:22:51 Last Seen2023-03-14 13:31:02 Times Seen1 Hash d22c047d176f909bd91f0c4e8d5b484d 26943acaa78aa79e9bd0d321021fd93041daff8b 5c9960d4d786b64288ff14832e3329395c28d73accbbb25d715952059f009d1a Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js	211 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:02:52 Last Seen2024-01-03 04:29:13 Times Seen92 Hash 70dac54eca3bb2143032bc4db3237623 b072b86acccf5e05a52ebfbff58ec2961b200063 299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/8/common.js	277 kB	2023-03-13	2023-03-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/8/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:22:57 Last Seen2023-03-14 13:31:01 Times Seen1 Hash 1453ba51a450fdb7acafceb66a2a99bd cd3598337b26f6f4116e6d0ebdb6ed5f0181e23e a63c8a81e2094da4cf6f608732bd29c7210be02457ff7166676a8de0813ad973 Loading...

	www.youtube.com/iframe_api	992 B	2023-03-13	2023-03-13
Pretty URL www.youtube.com/iframe_api IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:30:29 Last Seen2023-03-13 22:40:32 Times Seen1 Hash a300684733cefb2aa7eb95d592c4a002 70ac7975269f707818f66205ee8453d64c02a581 d3bbfd5809ca9c520b3565dad1b49bebe6da051f31d29db91c24711ccd98dfdc Loading...

	embed.tawk.to/5e2c1bee8e78b86ed8ab06f4/default	2.1 kB	2023-03-13	2023-03-13
Pretty URL embed.tawk.to/5e2c1bee8e78b86ed8ab06f4/default IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash bfbb9644bf5d5c7de732a0a9a8b733fc 0d928345cf9d1e39a2ef3cbcfa9d455ab2f5b4d6 3378e2e47d09fc1fed69bd741ee0252ddf2d5134ae14bf272216be1fbb69febb Loading...

	www.exponenta-bc.com/	8.3 kB	2023-03-07	2024-04-26
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-26 04:32:57 Times Seen630 Hash 1e23424880dfdb9e886fcff2f0aae6ee 8acaff02a625c997cbbb7ed8843e7cf610bf2b5b 0fc4db12b0d589fd17b3e43c3ba4cdca64183916637624bfe59aad7299284284 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7spipjhn&10e1&11b0&callback=_xdc_._7a8m3e&client=google-maps-embed&token=7096	62 B	2023-03-13	2023-03-13
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7spipjhn&10e1&11b0&callback=_xdc_._7a8m3e&client=google-maps-embed&token=7096 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash ba215750916cfad5aaa9ddfe7f132abe cba71008f93abf0aa47e8a52030d7011fdd05302 6a517438db7428b1427a326b507209a52b10afd17e69f40e2ee9f92029e70cd4 Loading...

	www.exponenta-bc.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1	90 kB	2023-03-07	2024-04-25
Pretty URL www.exponenta-bc.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1 IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-25 22:19:48 Times Seen9450 Hash b6f7093369a0e8b83703914ce731b13c d1889f5c173c2a4b20288f1f84758599afd346ef 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827 Loading...

	www.googletagmanager.com/gtag/js?id=UA-147058039-1	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-147058039-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 228cb8f939556ca0851090cfefe6dfc4 ef39f58a87fe24638e4a05b60b1bc101dd319a77 c4063344b5394e55fb45252384e309821269985f46d5bd4d641e01094eb1bc05 Loading...

	www.exponenta-bc.com/	29 kB	2023-03-07	2024-04-26
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-26 04:32:57 Times Seen2219 Hash 10f428f59d120bf8adbc39b86d547a2f fe92af104d1ca10761ec932fdd2da77f759286d4 e0a244f4ace8e695c3aa03697b9dd349f5f1abbae8974d87e879274808305595 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js	17 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-696bc286.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen71 Hash 2aa8e4d8fcf9760a324a8b2e7902f6ca c7ddf3bed7920c5970f812b9e4771dd238ad688b e3bbf1d795232665eceff33610ed6876b9d83db71364782c2d9bbe26a1753ae9 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js	16 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen71 Hash d9f3d1c4504d77c3e7c2e3e2f126fd9b 42baf889b87715cca0f7de5211de4e5d4164b89a 87e512de8c063410a12ffdd7c34124de2dade5a644ed49bb66213ca3e26dde4b Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7spiplak&10e1&11b0&callback=_xdc_._vf37ko&client=google-maps-embed&token=10501	62 B	2023-03-13	2023-03-13
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7spiplak&10e1&11b0&callback=_xdc_._vf37ko&client=google-maps-embed&token=10501 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 05c9b90e60cf781fc8fd242898e0f63b 673aeebca9bdd567d631d64e715b9543d77d08ff c6b81615418bde1bbc53b8dd4950a3c86bb23dca38f6b3c11e623f2eb8537046 Loading...

	www.exponenta-bc.com/	155 B	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash f1c7d003918cd7170c4d88421c603769 1eaf56f9078ee72220c316913629b45bc594df95 4a84e75b6398b3804fe878e010b0fbfcf21107ef22702e1af248aa8d4d07c2dd Loading...

	www.exponenta-bc.com/	145 B	2023-03-07	2024-04-26
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-26 15:37:45 Times Seen3490 Hash 09c7a3dbfcd65973e5cbdb48c5460c07 086b7a4ac6632ec06f2f0e68f4ff3fcfc9a1c71c d81a9dc0c33559bfacc014a5216f454c40183312addc9623d3da987650cd56f3 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/8/search_impl.js	2.9 kB	2023-03-13	2023-03-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/8/search_impl.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:27:58 Last Seen2023-03-14 01:26:15 Times Seen1 Hash 867b91e721aae4d2e53df97fedc2c7b2 b86a55351a53699be054d261c88f9441d62e84ba 640933ecd0568399cf206b9195454c247e1b2b64dc6de7b19f83473fec5ac304 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/8/controls.js	90 kB	2023-03-13	2023-03-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/8/controls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:22:51 Last Seen2023-03-14 13:31:02 Times Seen1 Hash 64ce3865d95ad71e2facb4f1a8bc13ca a6dd840712c477d84141a3dee7ee5f53e7a3ac9a d0f1e5601e335367ebb9e80e0c2cfa10df52be9c2a9413093853a2e97bc56e25 Loading...

	www.exponenta-bc.com/	149 B	2023-03-07	2024-04-26
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-04-26 05:47:43 Times Seen2862 Hash 931deb2e7bef82d78d1c1b0a3fe4fe32 2a468d77a19124c4bcd1745b7f51eff01b269ade afb2b21f29cd5d7fc5b63a8ea02ece9649603b9e63a2afa55927c508345e1ee7 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/8/util.js	163 kB	2023-03-13	2023-03-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/8/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:22:51 Last Seen2023-03-14 13:31:02 Times Seen1 Hash f52e72535cb9b84fbf0ec5ff9455bc03 383b25e2066d88d52e03380256ed05c225867e9d 493ab4e7ca6837030e64d507c6ab90890cd9a63fc25bb7bf3bcd441dda6881b0 Loading...

	maps.googleapis.com/maps-api-v3/api/js/51/8/onion.js	27 kB	2023-03-13	2023-03-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/51/8/onion.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:22:51 Last Seen2023-03-14 13:31:02 Times Seen1 Hash ed335205771929839bfb27e5eb101db9 5e9a048bcd7ce7c83f90c8c8c5f3de028049ffa8 a450306c30c30862f568544abf1bd0f731d64252855b937fcf8fad9d830160ea Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js	2.3 kB	2023-03-12	2023-11-18
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-11-18 22:03:39 Times Seen90 Hash de21d01e9f8b6cc35ea67267d0ba80ec 6cc42e299703a1a1fca03a97b268adf1fa830107 da3edd648fc579bc07c4b1b1bb3ba1e8258ae308049a311e5966464295eb0e51 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/languages/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-2d0b9454.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js	227 kB	2023-03-13	2023-03-14
Pretty URL maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js IP 142.250.74.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:27:58 Last Seen2023-03-14 01:18:07 Times Seen1 Hash e3fcdb3b625ae8f6058df005fbac1b91 9cd25835e9e08695c0114f57a5abf4d3437b1619 97fcf9ad8137f24c0f74e5450b2b4a01d87dfa70678130187fe13c1614ab419b Loading...

	www.exponenta-bc.com/	336 B	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 35c9a991b9afd3ebbf66faf766b76475 81867b673af68f05fd10329ebf8d2d42dd75e427 05791a0332051684eb1e1d244e560c258f1acce993e514f9baa8396f8feef338 Loading...

	www.exponenta-bc.com/	134 B	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 4ba11f36b2b9f68b2a323ffa6b973abd db0cfc70dee9ab9f4d6eaebc958b9c944af6b210 33648f427d03b3871cd19f9e5f55607a01e571cd6a15971e9911c9f236019bd0 Loading...

	www.exponenta-bc.com/	2.4 kB	2023-03-07	2024-04-25
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-04-25 21:53:57 Times Seen3807 Hash 49f89aeeb8e861051ed61fc00d636b9b 9077f9d9ebc3b661bb3a81161c6a4e2de2531231 4190f2c4f25f9a34cbbfdb92f91a25359570d773ef7cff97c924e224ad877759 Loading...

	www.exponenta-bc.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8	14 kB	2023-03-07	2024-04-25
Pretty URL www.exponenta-bc.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8 IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-25 12:50:40 Times Seen7905 Hash eaa8641bcda2371f4024a71fbb67de3b 0e46c39d3821683c856605a82254115f9a6a7792 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c Loading...

	www.exponenta-bc.com/	56 kB	2023-03-07	2024-04-26
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-26 04:32:57 Times Seen2074 Hash a78982b40bf915f977f2bcb73e907934 540b38654ca018e915d4de20f586f7999d5119f2 f46438dc69e006684fd2254a035cd58fa8fc9277206bdf0f8c9a278bbfbc8756 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	www.exponenta-bc.com/wp-content/cache/autoptimize/js/autoptimize_cdab3988059b4e637518cdfc985a4e80.js	992 kB	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/wp-content/cache/autoptimize/js/autoptimize_cdab3988059b4e637518cdfc985a4e80.js IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash e0a05ffef7234b8f52991e3d8f7c7677 4ed4bc139526179351d255155964191c0e013c88 a02cac5857482fa621e90844c70e1250972592e02ec9215260c78450dd21f32d Loading...

	www.exponenta-bc.com/	1.4 kB	2023-03-07	2024-04-26
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:33 Last Seen2024-04-26 15:37:45 Times Seen1945 Hash baa52dd43e0e29340348ae52a88fdcfd a85cd8502fafa4fb5cb0786c1ab1e6c0c957093e 49117ca60d8aeb4aa478d3541e09db31ce6fe2608ff7f96e9409239390e6b1bc Loading...

	www.exponenta-bc.com/	1.3 kB	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 1efeb2195787ce8603932b25b31577ce 8adf38762888f3872b37ff262047464df7a53f02 c3c5a9f304a7e69991c869f18aa2e527f5ceb1d45d55235ce88c45b88644d6c4 Loading...

	www.exponenta-bc.com/	363 B	2023-03-07	2023-12-07
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:53:43 Last Seen2023-12-07 09:09:24 Times Seen48 Hash c3b27b9182c9fb1d61cf10ab843ff6c4 712ead0d158eaa59ff554d9af5e2ea99f4e0823b 49efdd53e7ef18b060b4e3664b88e63d32b2bedf6417ea3c8b6045e579001ab7 Loading...

	www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/www-widgetapi.js	189 kB	2023-03-13	2023-03-13
Pretty URL www.youtube.com/s/player/97ea7458/www-widgetapi.vflset/www-widgetapi.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:30:29 Last Seen2023-03-13 22:40:32 Times Seen1 Hash 49e95c8af02614e99bc5012867ff7894 2df3e57af0284a03020e42598f99fa69fae7d6fa 60c10e8ee50e4bf9b31339e9806ede6d08cfffeb40165e0c49553482fe710066 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	www.exponenta-bc.com/	26 kB	2023-03-07	2024-04-26
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-26 04:32:57 Times Seen1935 Hash 05ec8fa18732b68a634f95e7c2bebd2e 2204916097137e7afe60b7d8a612e04f86496cbc 38da5f0c3fd471c5a28d03d7155aba416ae2562ba4a73a2ca3920b19e4b47a63 Loading...

	embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js	74 kB	2023-03-12	2023-03-26
Pretty URL embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:42:52 Last Seen2023-03-26 05:57:29 Times Seen69 Hash b931365947ecaea657544f82994716af a1104369fe02f29d54aee7a1c429998e8bb2a6ae d5545096f7c7a5c5b9e151ed1127b929098806899b9f910e547f3cbcbbbdcfc7 Loading...

	www.exponenta-bc.com/	1.6 kB	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 5c3b1bc6a4a45dec46fe6f770ca414e3 1605ded394617f5371416420d7149f86a25aef9d ff9ce29b8adc80e191711ecb9b7c66462b9bbc4b079ebb7cccd501c1d2f0ef5b Loading...

	www.exponenta-bc.com/	616 B	2023-03-07	2024-04-25
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:44 Last Seen2024-04-25 06:13:09 Times Seen778 Hash dbb14fb296945e09a607f4ffc8a8da52 73977a2c0d08bad9790597988fedbaaf5ead054f 20adabea74e67d597e882751a5a8b27b89161075d1b0d635bf43a84a6a957a95 Loading...

	www.exponenta-bc.com/	1.9 kB	2023-03-13	2023-03-13
Pretty URL www.exponenta-bc.com/ IP 192.185.143.10 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:25:29 Last Seen2023-03-13 16:25:29 Times Seen1 Hash 1d7198a8c6a128988822c103e09f9597 cf9f70385234d206fda26618ffe96275a08c3d21 c4724d433c0575b0c612c507534736d52141a0620714ae643c3c5667e49cff37 Loading...

HTTP Transactions (99)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2529
Expires: Sat, 04 Feb 2023 06:13:05 GMT
Date: Sat, 04 Feb 2023 05:30:56 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12090
Expires: Sat, 04 Feb 2023 08:52:26 GMT
Date: Sat, 04 Feb 2023 05:30:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 04:43:35 GMT
content-type: application/json
age: 2841
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16506
Expires: Sat, 04 Feb 2023 10:06:03 GMT
Date: Sat, 04 Feb 2023 05:30:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 34Vpso3GjIz2oAjRhk9RtbNS6KLcaVjrDcWZRBxy4VoPBEGYvYJQBlq0OPmSVY5odnaGNFcBCOI=
x-amz-request-id: KQ2PBT8G40Z8Z0EP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 04:52:42 GMT
age: 2295
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

exponenta-bc.com/wp-admin/index.php

192.185.143.10

302 Found

0 B

URL HTTP/1.1
exponenta-bc.com/wp-admin/index.php
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/index.php HTTP/1.1
Host: exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sat, 04 Feb 2023 05:30:56 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=3b95cdf1892c4602330d6fee747e245d; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://www.exponenta-bc.com/404/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:30:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 05:07:19 GMT
age: 1418
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20246
Expires: Sat, 04 Feb 2023 11:08:23 GMT
Date: Sat, 04 Feb 2023 05:30:57 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bfd4147ad54686fd92dc5ae8a409531b
e71e1e6c32045e572d7399296c1890b43a365ff7
e7545c2a0cc925dc067a5b829d4bb647069895fde87df93d7e17b06f08715f3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7545C2A0CC925DC067A5B829D4BB647069895FDE87DF93D7E17B06F08715F3F"
Last-Modified: Sat, 04 Feb 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21560
Expires: Sat, 04 Feb 2023 11:30:17 GMT
Date: Sat, 04 Feb 2023 05:30:57 GMT
Connection: keep-alive

push.services.mozilla.com/

34.210.191.84

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.191.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GUT58WmXv1Y1vEzsSuU5iA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jGhyQDkYaNofoDT359A0BDGCYrY=

www.exponenta-bc.com/404/

192.185.143.10

301 Moved Permanently

0 B

URL HTTP/2
www.exponenta-bc.com/404/
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /404/ HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
set-cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25; path=/
location: https://www.exponenta-bc.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 05:30:57 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.min.css?ver=1.11.4

216.58.207.202

200 OK

7.3 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.min.css?ver=1.11.4
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (28290)
Size
7.3 kB (7320 bytes)
Hash
78b4bcead6f1aae649501493d7d6381f
c8fd14726e08be061d00be73267e3bc3f382bc02
f7ebeaf0008590a5b9e69733b722cb69b36d00989e6fe1b2f542d655f72035a6

HTTP Headers

GET /ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.min.css?ver=1.11.4 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 7320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 09:58:27 GMT
expires: Mon, 29 Jan 2024 09:58:27 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 502352
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14247
Expires: Sat, 04 Feb 2023 09:28:26 GMT
Date: Sat, 04 Feb 2023 05:30:59 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.exponenta-bc.com/

192.185.143.10

200 OK

45 kB

URL HTTP/2
www.exponenta-bc.com/
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
45 kB (44999 bytes)
Hash
f484ae263deaf9a26a3b29a275afa0c0
fde44dbc1d75d0a242c3101b601fefe8233c5f0f
5326581248b543d3d990db6de8964b9b7b736b969730ac5e0156873c03a98bd9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.exponenta-bc.com/wp-json/>; rel="https://api.w.org/", <https://www.exponenta-bc.com/wp-json/wp/v2/pages/293>; rel="alternate"; type="application/json", <https://www.exponenta-bc.com/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://www.exponenta-bc.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.exponenta-bc.com
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 05:30:58 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/cache/autoptimize/css/autoptimize_a22796f5fc3f34dc418d625793626b4d.css

192.185.143.10

200 OK

778 B

URL HTTP/2
www.exponenta-bc.com/wp-content/cache/autoptimize/css/autoptimize_a22796f5fc3f34dc418d625793626b4d.css
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4115), with no line terminators
Size
778 B (778 bytes)
Hash
2d37251c095aee3e0cefb545bffdd9b1
f123500cfd2d66ab2a6067808990c0195972355e
976038b15b468ba203a5e886321f898fee47e7548ec3af6e2a0b3fcd7d1d47d8

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_a22796f5fc3f34dc418d625793626b4d.css HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 05 Oct 2022 05:56:40 GMT
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Thu, 25 Jan 2024 05:30:59 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 778
content-type: text/css
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9500 bytes)
Hash
3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:59:51 GMT
age: 27068
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 27033
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13065 bytes)
Hash
cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 20c6f462-0f1f-44d1-9b6b-6afbc4e79e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpYpcELtIAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da07d5-44cd803c0feba28919b0a9ec;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 06:33:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T3PhGRcHX1X2hn8K_4587fXBrEyuY5Em-b9Jg41uH4uyQXeFoRBIYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:55:01 GMT
age: 27358
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7992 bytes)
Hash
65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 26438
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8909 bytes)
Hash
a032104cf4ccc6ea31f163ca16386487
a0573916c3d72f0554928963c0a74413fdcb3558
8ba7b6e9b3fa28f6fd27f5f006cedac10f50d7da6c109155a2476cf04f4df932

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8909
x-amzn-requestid: 29f57721-99ae-4927-b324-b0a40668e2f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqEPuIAMFqpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-156c25027894630b61e5770c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6-RtedWR4ubEBwe85bNcobzqb2Cy9aEUzyT3tlhJ95zD5SgiuS7coA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:11:43 GMT
age: 26356
etag: "a0573916c3d72f0554928963c0a74413fdcb3558"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7249 bytes)
Hash
d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 26438
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-147058039-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-147058039-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (43911 bytes)
Hash
90e06ec8dc8f5a14018daefbc764f54b
213e96b83f044f57957863293b58d0837cabccec
0850d06c899fe6a2d5500bf27615bf98843edbd91d5b82ca084d6aa49291f0d5

HTTP Headers

GET /gtag/js?id=UA-147058039-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 05:30:59 GMT
expires: Sat, 04 Feb 2023 05:30:59 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:30:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.exponenta-bc.com/wp-content/uploads/2020/10/ezgif.com-gif-maker.png

192.185.143.10

200 OK

1.4 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/10/ezgif.com-gif-maker.png
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1434 bytes)
Hash
9b9626b10795d6c138f1d2e0a7faede7
ea0ccbd881d69d9f47ffd146b5fb30280cba263f
6c9d9978943fce71ada156279bc7ed200fc920af62042774a6fd8dffb1c3de92

HTTP Headers

GET /wp-content/uploads/2020/10/ezgif.com-gif-maker.png HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 06 Oct 2020 21:15:50 GMT
accept-ranges: bytes
content-length: 1434
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:30:59 GMT
content-type: image/png
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2020/10/Whatsapp-icon.png

192.185.143.10

200 OK

982 B

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/10/Whatsapp-icon.png
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
982 B (982 bytes)
Hash
015818ce3379da8017a977f19fe783ff
a74f418432568ce7a783f78751a2352d994e66af
f254cc7ed1bf5fd7542021dd9d3f2720c35fbd2cb53bdd1db377a28fe460a329

HTTP Headers

GET /wp-content/uploads/2020/10/Whatsapp-icon.png HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 06 Oct 2020 22:02:38 GMT
accept-ranges: bytes
content-length: 982
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:30:59 GMT
content-type: image/png
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2020/10/Map-Marker.png

192.185.143.10

200 OK

1.2 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/10/Map-Marker.png
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 19 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1169 bytes)
Hash
3ad578f8dcfd2a49f1eee0d228821f0f
26d1ad72d69b0df9c366a653d3b69220d16ca336
4982582659485cc4150c60ec8de406c3196e8d7ac6020f0ffdeb57792e7863f5

HTTP Headers

GET /wp-content/uploads/2020/10/Map-Marker.png HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 06 Oct 2020 21:55:06 GMT
accept-ranges: bytes
content-length: 1169
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:30:59 GMT
content-type: image/png
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2019/02/logo-footer-1-300x108.png

192.185.143.10

200 OK

19 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2019/02/logo-footer-1-300x108.png
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 300 x 108, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18606 bytes)
Hash
a4500f3f814285b7286faaad6ca1aed1
bfa2d19e20c8675d461eeafebab806a176d2f693
9e61725e3d39ce44a24395eb32cb5dc01ff617b1f8b4beb7b23b28c227e4a149

HTTP Headers

GET /wp-content/uploads/2019/02/logo-footer-1-300x108.png HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 22:40:08 GMT
accept-ranges: bytes
content-length: 18606
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:30:59 GMT
content-type: image/png
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/revslider/slider-1/slider-1-bg1.jpg

192.185.143.10

200 OK

365 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/revslider/slider-1/slider-1-bg1.jpg
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x842, components 3\012- data
Size
365 kB (365404 bytes)
Hash
75365e1a84614f451ce7019d3852866c
97391b24077459a1030ceda223186235ef8e17e8
2aead5c52a3769a1c625dba8f18511f08f30e3062d5dee906b84f99bb79056f1

HTTP Headers

GET /wp-content/uploads/revslider/slider-1/slider-1-bg1.jpg HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 22:00:00 GMT
accept-ranges: bytes
content-length: 365404
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:30:59 GMT
content-type: image/jpeg
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/revslider/slider-1/slider-1-bg2.jpg

192.185.143.10

200 OK

212 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/revslider/slider-1/slider-1-bg2.jpg
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1901x834, components 3\012- data
Size
212 kB (212347 bytes)
Hash
9399fe7cae4769445725b4f7946b5873
42940e3403f41cb663bf0c4f2155ba54458fcf14
d6c01b3f6521d9ba2367b855692ffb608275444036401b0e445763a50841eb62

HTTP Headers

GET /wp-content/uploads/revslider/slider-1/slider-1-bg2.jpg HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 22:00:04 GMT
accept-ranges: bytes
content-length: 212347
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:30:59 GMT
content-type: image/jpeg
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2017/10/your_company-300x222.png

192.185.143.10

200 OK

25 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2017/10/your_company-300x222.png
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 300 x 222, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24837 bytes)
Hash
4522d313f354157e30135de720adb9cf
12bf5302a0787c293c4da72b641d49c604f86a26
92032ab024703ce1a596d05b43eb84d6ddb73c9f74825ed115504dfb1c7ca72c

HTTP Headers

GET /wp-content/uploads/2017/10/your_company-300x222.png HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 06 Oct 2020 22:53:22 GMT
accept-ranges: bytes
content-length: 24837
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:30:59 GMT
content-type: image/png
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/revslider/slider-1/slider-1-bg3.jpg

192.185.143.10

200 OK

222 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/revslider/slider-1/slider-1-bg3.jpg
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1901x834, components 3\012- data
Size
222 kB (222151 bytes)
Hash
1bb9356a16ec432de783af849ccb3177
e9d6e2ace6ac3a055dfdf3c9c1eb57d5abe86418
401a485538bbc568b05662c4f1585802a772749fe6b65dcf3f25a337746137e1

HTTP Headers

GET /wp-content/uploads/revslider/slider-1/slider-1-bg3.jpg HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 22:00:06 GMT
accept-ranges: bytes
content-length: 222151
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:30:59 GMT
content-type: image/jpeg
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2020/10/Email-icon.png

192.185.143.10

404 Not Found

17 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/10/Email-icon.png
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3890), with CRLF, LF line terminators
Size
17 kB (16983 bytes)
Hash
84910ff7fe71526f110375bed40f5878
053c3a7ef56600e4fcfaf4b0dbab9107c1819830
4d70a82eca5d7d3c94e3147f0e67e2cbb4e09fafd205e8d7e02e02fe294cbfef

HTTP Headers

GET /wp-content/uploads/2020/10/Email-icon.png HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.exponenta-bc.com/wp-json/>; rel="https://api.w.org/"
x-tec-api-version: v1
x-tec-api-root: https://www.exponenta-bc.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.exponenta-bc.com
vary: Accept-Encoding
content-encoding: gzip
content-length: 16983
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

216.58.207.227

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size
13 kB (12708 bytes)
Hash
b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

HTTP Headers

GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:06:04 GMT
expires: Sat, 03 Feb 2024 02:06:04 GMT
cache-control: public, max-age=31536000
age: 98696
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8

192.185.143.10

200 OK

4.9 kB

URL HTTP/2
www.exponenta-bc.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11272)
Size
4.9 kB (4942 bytes)
Hash
365a77ff4ecd6f029c81de14e2522c73
2a817a1e1091bdf10e562b746e7e9619ed5ef5d5
a46d0e1f9b302519b11da0266586429a4d6eaf6fb2914c29f0e9208f7d2eb355

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.7.8 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 05 May 2021 14:56:08 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 06 Mar 2023 05:31:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4942
content-type: application/javascript
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

216.58.207.227

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16588, version 1.0\012- data
Size
17 kB (16588 bytes)
Hash
6a93e73463e9f1b7c7b41c52c93843c5
48d5ed2bcc9c9c5c4182ae8957e5cef207cdfcbc
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480

HTTP Headers

GET /s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 18:06:59 GMT
expires: Sat, 03 Feb 2024 18:06:59 GMT
cache-control: public, max-age=31536000
age: 41041
last-modified: Thu, 21 Apr 2022 16:38:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3ce1bc23c86ace6b4d4949b2224e9132
f851119c51f81bc066be434187579385fb01efa0
a557c7ae0ad294e00d85e6aa2b556ce3a64009127d159ebb9b98c83969ac39ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4897
Cache-Control: max-age=126957
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:31:00 GMT
Etag: "63dd2760-117"
Expires: Sun, 05 Feb 2023 16:46:57 GMT
Last-Modified: Fri, 03 Feb 2023 15:25:20 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Montserrat/montserrat-extralight.woff2

192.185.143.10

200 OK

28 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Montserrat/montserrat-extralight.woff2
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 27696, version 3.6553\012- data
Size
28 kB (27696 bytes)
Hash
54bfcc71f6df3e1419c9b19682db5605
505d107bfd05be8a643a731fdd896b835468a71c
13759881af22e222544ca8299a3db38d5afbe40847c2958fb22a421a6dd348b2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/wotahub/css/font-face/Montserrat/montserrat-extralight.woff2 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.exponenta-bc.com/wp-content/cache/autoptimize/css/autoptimize_d4897910e7fa5f12f1bcdba5e989b510.css
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 May 2018 06:39:38 GMT
accept-ranges: bytes
content-length: 27696
content-type: font/woff2
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.227

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:44:37 GMT
expires: Fri, 02 Feb 2024 00:44:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
age: 189983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maps.google.com/maps?t=m&output=embed&iwloc=near&z=12&q=Exponenta-BC

142.250.74.46

301 Moved Permanently

0 B

URL HTTP/2
maps.google.com/maps?t=m&output=embed&iwloc=near&z=12&q=Exponenta-BC
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /maps?t=m&output=embed&iwloc=near&z=12&q=Exponenta-BC HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sExponenta-BC!5e0!6i12
vary: Origin, X-Origin, Referer
date: Sat, 04 Feb 2023 05:31:00 GMT
content-type: text/html
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server-timing: gfet4t7; dur=17
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:31:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_Executive-Suite.jpeg

192.185.143.10

200 OK

23 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_Executive-Suite.jpeg
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 475x414, components 3\012- data
Size
23 kB (22556 bytes)
Hash
55093afda23f1093200e4ae8f887cb5a
c879fc378878916ac0cf793dd511d0e3f44af0fe
f134e5d6a96dcf5fd5f0be18f4bbc6d6d290f6e4fb2c53e1edfcc81d4c8cfd9e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2020/10/Exponenta-BC_Executive-Suite.jpeg HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 06 Oct 2020 20:21:10 GMT
accept-ranges: bytes
content-length: 22556
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:31:00 GMT
content-type: image/jpeg
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_Estidama-Suit.jpg

192.185.143.10

200 OK

18 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_Estidama-Suit.jpg
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 475x414, components 3\012- data
Size
18 kB (18063 bytes)
Hash
3e76f26ead7e49059704e73f24b899db
c58bb815ae6bad39857d887f6f89f9707cccd841
f943ed75e0db36dce7cbe9ce34b3eddaeaf1bf6d69f899b3f747f7ff985b6740

HTTP Headers

GET /wp-content/uploads/2020/10/Exponenta-BC_Estidama-Suit.jpg HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 06 Oct 2020 20:22:30 GMT
accept-ranges: bytes
content-length: 18063
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:31:00 GMT
content-type: image/jpeg
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_CO-WORKING-FLEXI-DESK-OFFICE-1170x575.jpeg

192.185.143.10

200 OK

314 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_CO-WORKING-FLEXI-DESK-OFFICE-1170x575.jpeg
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 99", baseline, precision 8, 1170x575, components 3\012- data
Size
314 kB (313628 bytes)
Hash
6be93f38932085017242915f79250569
c7eff6377fc52a2a9b7b9d127fb9f1e5ee88bf6a
00b06176e3a542ebad79627c65a6da6b40c81bb08bbba9a360aa31508812dc8c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2020/10/Exponenta-BC_CO-WORKING-FLEXI-DESK-OFFICE-1170x575.jpeg HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 06 Oct 2020 20:21:54 GMT
accept-ranges: bytes
content-length: 313628
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:31:00 GMT
content-type: image/jpeg
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_Co-Working-Space.jpg

192.185.143.10

200 OK

54 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/10/Exponenta-BC_Co-Working-Space.jpg
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 553x828, components 3\012- data
Size
54 kB (53707 bytes)
Hash
e43452f74969ba14c7bf18e09e7c6f3a
2d008ce31da8ce7cf9a44bae095e2d85dc91fdde
183faaf492589e9946fc9a066b3373cc4e0bb213afd980a72a663f0220f2a724

HTTP Headers

GET /wp-content/uploads/2020/10/Exponenta-BC_Co-Working-Space.jpg HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 06 Oct 2020 20:33:54 GMT
accept-ranges: bytes
content-length: 53707
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:31:00 GMT
content-type: image/jpeg
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4

192.185.143.10

200 OK

58 kB

URL HTTP/2
www.exponenta-bc.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
58 kB (57926 bytes)
Hash
d28607753602e549fc86fdb7c2a2bf8e
0c56d2195f0a1563db07606335540262068c099d
7627ffd1d1c0857a8a2ecf69a2a634d6d5214b553083f8da70e452a0b8e8e258

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 05 May 2021 14:56:08 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 06 Mar 2023 05:30:59 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2020/01/bg_contact1.jpg?id=1812

192.185.143.10

200 OK

3.3 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/01/bg_contact1.jpg?id=1812
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1901x192, components 3\012- data
Size
3.3 kB (3286 bytes)
Hash
092d21b4218d797a7278254cb0b5748a
5ad995cff69e45c1b38a62f59c7e8b12ab8a680f
c07ffc9912440ae0cff8b8aa94d665d690529241779f14bc0d42076eb43e680b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2020/01/bg_contact1.jpg?id=1812 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 31 Jan 2020 22:06:36 GMT
accept-ranges: bytes
content-length: 3286
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:31:00 GMT
content-type: image/jpeg
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Wcmanonegra/wcmanonegrabta-webfont.woff2

192.185.143.10

200 OK

52 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Wcmanonegra/wcmanonegrabta-webfont.woff2
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 51772, version 1.66\012- data
Size
52 kB (51772 bytes)
Hash
abd192a16a8ff3135a259deb4da58d5c
e5ade97f0ad36be4a784e49a24cb58986950ff54
1d7957bc8da9f11c0144a2c48430259c5c76e0a88167771fc67c12225f072f42

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/wotahub/css/font-face/Wcmanonegra/wcmanonegrabta-webfont.woff2 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.exponenta-bc.com/wp-content/cache/autoptimize/css/autoptimize_d4897910e7fa5f12f1bcdba5e989b510.css
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 May 2018 06:39:38 GMT
accept-ranges: bytes
content-length: 51772
content-type: font/woff2
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Wcmanonegra/wcmanonegraboldbta-webfont.woff2

192.185.143.10

200 OK

50 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Wcmanonegra/wcmanonegraboldbta-webfont.woff2
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 49460, version 1.66\012- data
Size
50 kB (49460 bytes)
Hash
26bea119c7f2bffc5c07534f767e5ecc
36e3efed2c98e72c7cb6226f9a6a1b727a85189a
cd3d7347482264163087066635b9755c0b325ad7cc8167b2ff94fc83aab000e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/wotahub/css/font-face/Wcmanonegra/wcmanonegraboldbta-webfont.woff2 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.exponenta-bc.com/wp-content/cache/autoptimize/css/autoptimize_d4897910e7fa5f12f1bcdba5e989b510.css
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 May 2018 06:39:38 GMT
accept-ranges: bytes
content-length: 49460
content-type: font/woff2
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800&ver=5.7.8

142.250.74.106

200 OK

29 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800&ver=5.7.8
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
29 kB (28707 bytes)
Hash
d5c154709dd30e1c2fa16bffb2368579
48566b7c6577cb0e0cbb21244ed1db767fba4c07
64f29f4a3aabf20b13dfb39c2e2630e947cf5b40532f317b6b74e648efb4f880

HTTP Headers

GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%2C800&ver=5.7.8 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 05:30:59 GMT
date: Sat, 04 Feb 2023 05:30:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Montserrat/montserrat-semibold.woff2

192.185.143.10

200 OK

28 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/themes/wotahub/css/font-face/Montserrat/montserrat-semibold.woff2
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 28432, version 3.6553\012- data
Size
28 kB (28432 bytes)
Hash
79b7cdbec5bde52c30e7d07febbd921f
7d9458551dcd29a38282df5fd2905067df7bb2e7
34875f1408af3a71875b95297b479d3fe7a0d9efb3b91492dd24ef67e9abc4ba

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/wotahub/css/font-face/Montserrat/montserrat-semibold.woff2 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.exponenta-bc.com/wp-content/cache/autoptimize/css/autoptimize_d4897910e7fa5f12f1bcdba5e989b510.css
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 17 May 2018 06:39:38 GMT
accept-ranges: bytes
content-length: 28432
content-type: font/woff2
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8

192.185.143.10

200 OK

2.8 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (8089), with CRLF line terminators
Size
2.8 kB (2845 bytes)
Hash
4b7965432515b8c0726df47d008f39b3
4da311c37395db04b3f0e25c88e595f0a3c96c88
f08d33a18da2349f5627a6a90e0823b9a904151e514a7fd353dca48c5717cbe3

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.actions.min.js?version=5.4.8 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 21:52:50 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 06 Mar 2023 05:31:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2845
content-type: application/javascript
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8

192.185.143.10

200 OK

8.4 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (28818), with CRLF line terminators
Size
8.4 kB (8380 bytes)
Hash
9e9b332abe4a46934cc85242e22dd146
25dd86bdfc67ef2a8ce5561f73d5f5d147476da6
94f47ceb3f24fc839c1d3a60ed818edd717253efd60153e4e3ea2f00a7aba0ff

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.8 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 21:52:50 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 06 Mar 2023 05:31:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 8380
content-type: application/javascript
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8

192.185.143.10

200 OK

8.9 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (25862), with CRLF line terminators
Size
8.9 kB (8892 bytes)
Hash
24cc4ae82947db94318c91847a49ee68
23ba55c3129dec4bb3c302eef52bebcbfa172e97
a3ab15aba69b891687f297afd31f1b09aa19856083d4ce9bb59d5b8f9df21477

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.8 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 21:52:50 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 06 Mar 2023 05:31:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 8892
content-type: application/javascript
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

192.185.143.10

200 OK

77 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.exponenta-bc.com/wp-content/cache/autoptimize/css/autoptimize_d4897910e7fa5f12f1bcdba5e989b510.css
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 21:52:54 GMT
accept-ranges: bytes
content-length: 77160
content-type: font/woff2
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sExponenta-BC!5e0!6i12

142.250.74.164

200 OK

1.4 kB

URL HTTP/2
www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sExponenta-BC!5e0!6i12
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2889)
Size
1.4 kB (1370 bytes)
Hash
afc98a6f7c910d5adbb0a053025701cd
a5947c81d45495a7c6b8fde0e5fd043e026ddc03
76d608ec1101b44037f45e4eb5655e3edfa1058ef76f940b49c28c07f87d3f51

HTTP Headers

GET /maps/embed?origin=mfe&pb=!1m4!2m1!1sExponenta-BC!5e0!6i12 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.exponenta-bc.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-9XfX24zrksrTzX3VCpLyeA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
vary: Accept-Language, Origin, X-Origin, Referer
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sat, 04 Feb 2023 05:31:00 GMT
server: scaffolding on HTTPServer2
content-length: 1370
x-xss-protection: 0
x-content-type-options: nosniff
server-timing: gfet4t7; dur=271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2020/10/Email-icon.png

192.185.143.10

404 Not Found

17 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2020/10/Email-icon.png
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3892), with CRLF, LF line terminators
Size
17 kB (16985 bytes)
Hash
7d5a9460451eca419c19072b87e64208
6dbeba1271843fd255fb21b05966d2ba1dbb52ff
e12018c47d7a4678bbd08b264504a8b67aece03c5c5645ebf26bd12845cdefd2

HTTP Headers

GET /wp-content/uploads/2020/10/Email-icon.png HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.exponenta-bc.com/wp-json/>; rel="https://api.w.org/"
x-tec-api-version: v1
x-tec-api-root: https://www.exponenta-bc.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.exponenta-bc.com
vary: Accept-Encoding
content-encoding: gzip
content-length: 16985
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3ce1bc23c86ace6b4d4949b2224e9132
f851119c51f81bc066be434187579385fb01efa0
a557c7ae0ad294e00d85e6aa2b556ce3a64009127d159ebb9b98c83969ac39ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4897
Cache-Control: max-age=126957
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:31:00 GMT
Etag: "63dd2760-117"
Expires: Sun, 05 Feb 2023 16:46:57 GMT
Last-Modified: Fri, 03 Feb 2023 15:25:20 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js

142.250.74.3

200 OK

227 kB

URL HTTP/2
maps.gstatic.com/maps-api-v3/embed/js/51/8/init_embed.js
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2599)
Size
227 kB (227161 bytes)
Hash
e3fcdb3b625ae8f6058df005fbac1b91
9cd25835e9e08695c0114f57a5abf4d3437b1619
97fcf9ad8137f24c0f74e5450b2b4a01d87dfa70678130187fe13c1614ab419b

HTTP Headers

GET /maps-api-v3/embed/js/51/8/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 227161
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 19:04:03 GMT
expires: Thu, 01 Feb 2024 19:04:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 18:44:31 GMT
content-type: text/javascript
age: 210417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2019/02/cropped-logo-footer-1-32x32.png

192.185.143.10

200 OK

1.7 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2019/02/cropped-logo-footer-1-32x32.png
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1705 bytes)
Hash
748529e68340768b6e9e99aa62979619
c30b9e33ef85b5db4ec21482aa000a4067db3ee9
7a32dc2b882b2ab7b5d4bd630406b449aef3a5f50c995cffe4b177dc2d20c4e0

HTTP Headers

GET /wp-content/uploads/2019/02/cropped-logo-footer-1-32x32.png HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25; trx_addons_is_retina=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 22:41:48 GMT
accept-ranges: bytes
content-length: 1705
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:31:00 GMT
content-type: image/png
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/uploads/2019/02/cropped-logo-footer-1-192x192.png

192.185.143.10

200 OK

31 kB

URL HTTP/2
www.exponenta-bc.com/wp-content/uploads/2019/02/cropped-logo-footer-1-192x192.png
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (30847 bytes)
Hash
469d3fb36afe321d26f35d52fe24f3a4
c097f8491f1e593f057cc8dced3b9d248980d55d
c4815520a2de7156b43b29567e1ed6808e75700045ade7be359fc81f96e378d4

HTTP Headers

GET /wp-content/uploads/2019/02/cropped-logo-footer-1-192x192.png HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25; trx_addons_is_retina=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 13 Feb 2019 22:41:48 GMT
accept-ranges: bytes
content-length: 30847
cache-control: max-age=31536000
expires: Sun, 04 Feb 2024 05:31:00 GMT
content-type: image/png
date: Sat, 04 Feb 2023 05:31:00 GMT
server: Apache
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js

104.22.25.131

200 OK

2.7 kB

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-app.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
2.7 kB (2663 bytes)
Hash
890b3119e3d5bf938ad1fbf43e2e49cc
58a54a715e3a7fc2054976e6e40a13d4f60cdf0f
40019641cb8b8334d22312cae1efe819d69363b8aadf34419dc0ab6576551c3a

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:01 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794104831d211c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

151.101.65.229

200 OK

54 kB

URL HTTP/2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (32014)
Size
54 kB (53889 bytes)
Hash
ea53ffc3c20542881a2735a62c0426d7
365e24ffd4a54e4c019a47c94204ad90a8538eb5
e4f801f6cd7462489966e441ff53795823a607656497f9d0ce8cbfc08f6c7448

HTTP Headers

GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 05:31:02 GMT
age: 27635019
x-served-by: cache-fra19156-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
ebc21c8d5986f11504e96c9be8610121
d59bbe4bae3717d4184ad5a6f7a94ee56356ebd6
6538e1804a480f1aaf91c410e2ced63d856d3554e6e4083d4d46ff0990d150d0

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 05:31:02 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "ABBE35A897D6C75A18528DCB48C29EBB91E8129C"
Expires: Sat, 04 Feb 2023 16:00:00 GMT
Last-Modified: Sat, 04 Feb 2023 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1677
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941048f3923b511-OSL

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js

104.22.25.131

200 OK

70 kB

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65464)
Size
70 kB (70188 bytes)
Hash
5b94e3b83af10787d99f3a74e1391adc
01765754a0a6ab68b7fa3018671be96de73886b7
57f29ba59ebc4e385142fde2c33b980f540121010a502c7718b1faeda95ae942

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:01 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794104831d1e1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js

104.22.25.131

200 OK

18 kB

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (942), with no line terminators
Size
18 kB (17535 bytes)
Hash
7c3c6a0ebc89a0a3969b3dd4a595ecaa
94c537f698d1252e39fd22b2b5294d63138022ce
a71c6c4ffc49a9e9a70a91b4882737345f47974310839a51b6e27ead56c91042

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
age: 2145971
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941048db83a1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js

104.22.25.131

200 OK

30 kB

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30321 bytes)
Hash
0674f867b6c54b6858389032d3a8eb80
86396b1325e3f67e83594fb5993807136494988f
839864c622c1fe89eb7423676411b0b4cba709e24e2d7b40c64cbc890095e1e7

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-chunk-32507910.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"b931365947ecaea657544f82994716af"
age: 1383983
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941048dc8411c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14221 bytes)
Hash
83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 26546
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-chunk-f163fcd0.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"a92075fd9ac5ba130387a80453676099"
age: 2145971
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941048db83e1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-chunk-f1596d96.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"058710526a0979b9e77a4babe9adfcd7"
age: 2145971
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941048db82e1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

192.185.143.10

200 OK

0 B

URL HTTP/2
www.exponenta-bc.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 05 May 2021 14:56:08 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 06 Mar 2023 05:30:59 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.7.8

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.7.8
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Raleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=5.7.8 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 05:30:59 GMT
date: Sat, 04 Feb 2023 05:30:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-runtime.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:01 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"de21d01e9f8b6cc35ea67267d0ba80ec"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794104831d201c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/css/min-widget.css

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/css/min-widget.css
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:02 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24960
access-control-allow-origin: *
age: 2145969
etag: W/"80df9814fe6b98404ccc1df3c455ceaa"
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941048e786d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400%7CMontserrat:400

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400%7CMontserrat:400
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400%7CMontserrat:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 05:30:59 GMT
date: Sat, 04 Feb 2023 05:30:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Fjalla+One:400&subset=latin,latin-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Fjalla+One:400&subset=latin,latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Fjalla+One:400&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 05:30:59 GMT
date: Sat, 04 Feb 2023 05:30:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/cache/autoptimize/js/autoptimize_cdab3988059b4e637518cdfc985a4e80.js

192.185.143.10

200 OK

0 B

URL HTTP/2
www.exponenta-bc.com/wp-content/cache/autoptimize/js/autoptimize_cdab3988059b4e637518cdfc985a4e80.js
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/cache/autoptimize/js/autoptimize_cdab3988059b4e637518cdfc985a4e80.js HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 04 Jan 2023 22:07:28 GMT
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Thu, 25 Jan 2024 05:30:59 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

www.exponenta-bc.com/wp-content/cache/autoptimize/css/autoptimize_d4897910e7fa5f12f1bcdba5e989b510.css

192.185.143.10

200 OK

0 B

URL HTTP/2
www.exponenta-bc.com/wp-content/cache/autoptimize/css/autoptimize_d4897910e7fa5f12f1bcdba5e989b510.css
IP
192.185.143.10:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/cache/autoptimize/css/autoptimize_d4897910e7fa5f12f1bcdba5e989b510.css HTTP/1.1
Host: www.exponenta-bc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Cookie: PHPSESSID=9e9486ca324841ab8f53954e10459a25
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 04 Jan 2023 22:07:28 GMT
accept-ranges: bytes
cache-control: max-age=30672000, public, immutable
expires: Thu, 25 Jan 2024 05:30:59 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 04 Feb 2023 05:30:59 GMT
server: Apache
X-Firefox-Spdy: h2

embed.tawk.to/5e2c1bee8e78b86ed8ab06f4/default

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/5e2c1bee8e78b86ed8ab06f4/default
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /5e2c1bee8e78b86ed8ab06f4/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:00 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63b77dcd282"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941047e8baf1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/css/max-widget.css

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/css/max-widget.css
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:02 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=75771
access-control-allow-origin: *
etag: W/"0158db159e8967dbda5865ed6b2e435d"
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 2145969
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941048e886f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-vendor.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:01 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794104831d1c1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

va.tawk.to/v1/session/start

104.22.25.131

200 OK

0 B

URL HTTP/2
va.tawk.to/v1/session/start
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.exponenta-bc.com/
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:02 GMT
x-served-by: visitor-application-preemptive-0w1p
access-control-allow-origin: https://www.exponenta-bc.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794104894ecb1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-chunk-48f46bef.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:02 GMT
content-type: application/javascript
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"d9f3d1c4504d77c3e7c2e3e2f126fd9b"
age: 2145970
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941048db8381c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/css/message-preview.css

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/css/message-preview.css
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/css/message-preview.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:02 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=38268
access-control-allow-origin: *
age: 1414459
etag: W/"949ecc85ac578750ec9a03e5680f7b0e"
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7941048e786e1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-main.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:01 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794104830d1b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700&ver=5.7.8

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Droid+Serif%3A400%2C700&ver=5.7.8
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Droid+Serif%3A400%2C700&ver=5.7.8 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 05:30:59 GMT
date: Sat, 04 Feb 2023 05:30:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/63b77dcd282/js/twk-chunk-common.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/63b77dcd282/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exponenta-bc.com
Connection: keep-alive
Referer: https://www.exponenta-bc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 05:31:01 GMT
content-type: application/javascript
vary: X-Goog-Allowed-Resources, Accept-Encoding
last-modified: Fri, 06 Jan 2023 01:49:34 GMT
etag: W/"385105148a50079bafff97e9c9476109"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 794104831d1f1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (65)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML