{"report_id":"6bc5cef0-429d-475e-90a6-822785ac0ac5","version":6,"status":"done","tags":[],"date":"2026-03-22T17:05:08Z","url":{"schema":"http","addr":"exodus.com.ag","fqdn":"exodus.com.ag","domain":"exodus.com.ag","tld":"com.ag"},"ip":{"addr":"158.94.209.135","port":0,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"exodus.com.ag/","fqdn":"exodus.com.ag","domain":"exodus.com.ag","tld":"com.ag"},"title":"Welcome","dom":{"size":819,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"d319b6ef47683c18073d87831816faa1","sha1":"3ac5f6be8606a7ac2ce7a73a82bc9c05ee9206b2","sha256":"9b2174e1b88285c03390d9ccdbd0e2e91772af4f44c3606f320a8a88598a9f7a","sha512":"22cb7ff2b2b05995589f20bb424ff342cf4d18b391dda1cfddf9a16ab53771525280924dcb1d3c896f10e8edfb70444952aa6d8d20a186a254d9c897d3d45448","ssdeep":"","tlshash":"c301fd1781d1000774a1e4482c93fb005fa88826828b89ac789d5298cfce990c5f3bac","dom_hash":"domhash4eec2f5a5a0b25d130e5eed3aef9c509","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"exodus.com.ag","fqdn":"exodus.com.ag","domain":"exodus.com.ag","tld":"com.ag"},"ip":{"addr":"158.94.209.135","port":0,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-26T17:05:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"exodus.com.ag","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null},"summary":[{"fqdn":"exodus.com.ag","ip":{"addr":"158.94.209.135","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-03-18","domain_rank":0,"first_seen":"2026-03-22T17:05:08.740538Z","last_seen":"2026-03-22T17:05:08.740538Z","alert_count":2,"request_count":2,"received_data":4210,"sent_data":915,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"exodus.com.ag/","fqdn":"exodus.com.ag","domain":"exodus.com.ag","tld":"com.ag"},"ip":{"addr":"158.94.209.135","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-22T17:04:47.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exodus.com.ag","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 11:03:29 GMT","end":"Fri, 19 Jun 2026 11:03:28 GMT"},"fingerprint":{"sha1":"E9:98:02:B4:30:54:25:11:BB:60:BD:61:37:67:C8:F2:B0:6F:B6:98","sha256":"5C:18:EA:5C:6E:58:B8:EB:DE:5A:41:0F:3C:3A:FD:63:B5:3B:6F:CE:D0:2C:95:5B:1C:41:9B:53:8C:49:CA:E5"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: exodus.com.ag\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 22 Mar 2026 17:04:47 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 510\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":857,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"acc3a2ccf2eaf2dc5ef99cc06e844617","sha1":"611666cc1e6a1b45acdc8237de55c7993a84b035","sha256":"482fb6e02eed1dea995aa6ce64f931c05d104a874d163262d7adde472ecaf6dd","sha512":"1cd5471451cb79ad124e5a96d95f554febed942933ca44a6e28fb7b99f640cbf82d5d40bef7fe762d0f0699f452c1e91f4ecd0b8401689254e4cb87588e57ab1","ssdeep":"","tlshash":"9d111e2751c0080664b1a278ec93f704efa884629247416c349d219bcffe950c9f3b6c","first_seen":"2026-03-22T17:05:12.70889Z","last_seen":"2026-05-14T07:39:09.628524Z","times_seen":9,"resource_available":true,"data":null}},"time_used":495,"timings":{"blocked":212,"dns":83,"connect":58,"send":0,"wait":70,"receive":0,"ssl":70},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"exodus.com.ag","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"exodus.com.ag/favicon.ico","fqdn":"exodus.com.ag","domain":"exodus.com.ag","tld":"com.ag"},"ip":{"addr":"158.94.209.135","port":443,"asn":786,"as":"Jisc Services Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://exodus.com.ag/","date":"2026-03-22T17:04:47.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exodus.com.ag","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 21 Mar 2026 11:03:29 GMT","end":"Fri, 19 Jun 2026 11:03:28 GMT"},"fingerprint":{"sha1":"E9:98:02:B4:30:54:25:11:BB:60:BD:61:37:67:C8:F2:B0:6F:B6:98","sha256":"5C:18:EA:5C:6E:58:B8:EB:DE:5A:41:0F:3C:3A:FD:63:B5:3B:6F:CE:D0:2C:95:5B:1C:41:9B:53:8C:49:CA:E5"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: exodus.com.ag\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://exodus.com.ag/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 22 Mar 2026 17:04:47 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nlast-modified: Sat, 21 Mar 2026 12:01:24 GMT\r\netag: W/\"b52-64d878f8c8d8f\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2898,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (634)","md5":"f01ba522c3539135df33250082846848","sha1":"af31de06cf3d07cf83f104af8755b0cc5222ffc6","sha256":"2e8deb28946a6b41ccb927eaa43bbaa78ea82cef39a40638f2e5afa8e90e73ca","sha512":"5ca1b1d3c6f8e1948574a743bd6f58d9f430f9a576c9e656958dda81546a6b0baf0c02ff1b084640351a2bc44ba644e0f671aef0e2ff30981feec2af47764ee6","ssdeep":"","tlshash":"08515194c71c649fd35e24e6293e22c0282f8cb669a3ce7bbc77b174d6c800c87395a5","first_seen":"2025-04-07T04:58:47.339843Z","last_seen":"2026-06-07T23:09:29.569909Z","times_seen":6602,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-22","alert":"Phishing Block","trigger":"exodus.com.ag","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}