{"report_id":"9f11125f-76da-4d99-b24d-19c03fb951bc","version":6,"status":"done","tags":[],"date":"2026-02-22T20:45:56Z","url":{"schema":"https","addr":"official-exo--us.pages.dev","fqdn":"official-exo--us.pages.dev","domain":"official-exo--us.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.45.4","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"official-exo--us.pages.dev/","fqdn":"official-exo--us.pages.dev","domain":"official-exo--us.pages.dev","tld":"pages.dev"},"title":"Exodus Web3 WalletĘ­ - Your Gateway to the Decentralized Web","dom":{"size":6193,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (318)","md5":"4f592e43a09982733d5265ae6a4ac5d7","sha1":"f1f7d7e4d6128462469c64bcd191015ff5a6c582","sha256":"edc22f55338d72491576547562b81a1506457eb39c5a23e14ad44006e6dfc6ef","sha512":"e3e6a755164f078c178ae0031beedd5eb6eb59821d66ecce615b5877dc1c4cba94ecf080ece0cc42f447834002a6402cfd5b1c30cbd08f3d56de873687320ace","ssdeep":"96:nahAa/XcIJ68BkByWA5lnLNeg06TStRB5R+DDrxUuQQ25EW151iz8:cLJ68BksWGnLNbGtW1U57nS8","tlshash":"3ed1646793f622520742909c9fe3a3f45d1780af860d6f6679ac960cff802558ab37cd","dom_hash":"domhash1d23a2a7dcd5e03058c7a6dfc6f91ce2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"official-exo--us.pages.dev","fqdn":"official-exo--us.pages.dev","domain":"official-exo--us.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.45.4","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-29T20:45:56Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-02-22T20:42:09Z","timestamp":1771792929,"ip_dst":{"addr":"172.66.46.252","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39220,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)","source":"{\"timestamp\":\"2026-02-22T20:42:09.334479+0000\",\"flow_id\":585257646683918,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.20\",\"src_port\":39220,\"dest_ip\":\"172.66.46.252\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2057746,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2024_11_20\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"Description_Generated_By_Proofpoint_Nexus\"],\"updated_at\":[\"2024_11_20\"]}},\"tls\":{\"sni\":\"official-exo--us.pages.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3487,\"start\":\"2026-02-22T20:42:09.325390+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"official-exo--us.pages.dev","ip":{"addr":"172.66.46.252","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-09-02","domain_rank":0,"first_seen":"2026-02-22T20:45:56.209564Z","last_seen":"2026-02-22T20:45:56.209564Z","alert_count":0,"request_count":2,"received_data":14233,"sent_data":954,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"official-exo--us.pages.dev/","fqdn":"official-exo--us.pages.dev","domain":"official-exo--us.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.46.252","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-22T20:42:09.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"official-exo--us.pages.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 07:57:25 GMT","end":"Sun, 12 Apr 2026 08:55:11 GMT"},"fingerprint":{"sha1":"F6:96:9A:41:31:11:7E:73:69:44:FB:F4:B8:B1:3B:F6:EB:84:CE:3E","sha256":"8B:5B:C6:8F:C6:23:CA:D3:E6:E9:5E:14:79:98:AA:6F:F3:96:7E:D9:4B:2D:F3:62:C6:6D:FA:FF:BA:82:D3:87"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: official-exo--us.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Feb 2026 20:42:09 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KhSvksdkikCUZXHPYpKSK0JZuOe%2BgQxhRshXsC7Alk2vxth%2FyZ6zdeLw0g%2Ffxm8QVpdffkR3E7ienyVo2ZHZXmN%2Fh9elK60ZKp%2FBC5rQ83sOD64xSfNux%2Fxg\"}]}\r\netag: W/\"b4cf5f955a800a149403e733a713b0ef\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9d214ef06d51120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6365,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (318), with CRLF line terminators","md5":"f35b0bd04339e6d88ccf518633673649","sha1":"91be6bc92888bcc08fbee692b2a907a33bd71394","sha256":"8bfe56fbeb0e087d755ac29705143b9e5eda047d270a3f409a9cb71db872db02","sha512":"1c466b34a972f3d91f9174d836ce78a8428807420f2336db45e7f039c0108d3c4318b5c982491aa65967b943b42eecc98b0b33d7451b589d2ac480017c1d7aa0","ssdeep":"96:IhpK+8c/kBkByPA554efLaO3jbKj+BmR+aDrx4QQguukJTEFzW:I7x/kBksPG4efLaUUd1KzAFW","tlshash":"e0d1451793c525510632819c9f63a3f8df0680af57090fa679ae960fbfb025586b37cd","first_seen":"2025-09-21T05:01:34.512171Z","last_seen":"2026-03-16T15:34:16.047226Z","times_seen":6,"resource_available":true,"data":null}},"time_used":301,"timings":{"blocked":25,"dns":8,"connect":1,"send":0,"wait":247,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"official-exo--us.pages.dev/favicon.ico","fqdn":"official-exo--us.pages.dev","domain":"official-exo--us.pages.dev","tld":"pages.dev"},"ip":{"addr":"172.66.46.252","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://official-exo--us.pages.dev/","date":"2026-02-22T20:42:09.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"official-exo--us.pages.dev","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 07:57:25 GMT","end":"Sun, 12 Apr 2026 08:55:11 GMT"},"fingerprint":{"sha1":"F6:96:9A:41:31:11:7E:73:69:44:FB:F4:B8:B1:3B:F6:EB:84:CE:3E","sha256":"8B:5B:C6:8F:C6:23:CA:D3:E6:E9:5E:14:79:98:AA:6F:F3:96:7E:D9:4B:2D:F3:62:C6:6D:FA:FF:BA:82:D3:87"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: official-exo--us.pages.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://official-exo--us.pages.dev/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 22 Feb 2026 20:42:09 GMT\r\ncontent-type: text/html; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\npriority: u=6,i=?0\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i2oxJy1egJs0kUcUNIWxjlVlKvhWf0mmHzn99AEb%2B%2FKjSVIeXxZUDcdC2zOFqCF%2BtWPGowga6Km8NVQhdNU86v9vZHRzTMelmjHAMdyKHzE3foUbwt%2F3l9Xl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"b4cf5f955a800a149403e733a713b0ef\"\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9d214ef2fa3175ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6365,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (318), with CRLF line terminators","md5":"f35b0bd04339e6d88ccf518633673649","sha1":"91be6bc92888bcc08fbee692b2a907a33bd71394","sha256":"8bfe56fbeb0e087d755ac29705143b9e5eda047d270a3f409a9cb71db872db02","sha512":"1c466b34a972f3d91f9174d836ce78a8428807420f2336db45e7f039c0108d3c4318b5c982491aa65967b943b42eecc98b0b33d7451b589d2ac480017c1d7aa0","ssdeep":"96:IhpK+8c/kBkByPA554efLaO3jbKj+BmR+aDrx4QQguukJTEFzW:I7x/kBksPG4efLaUUd1KzAFW","tlshash":"e0d1451793c525510632819c9f63a3f8df0680af57090fa679ae960fbfb025586b37cd","first_seen":"2025-09-21T05:01:34.512171Z","last_seen":"2026-03-16T15:34:16.047226Z","times_seen":6,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}