firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tAcpdLGu7WeiSCdnB2kbFKFMFaw-L4meTR_Ouetlhd2u1nLvc0ajnw==
Age: 604
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11014
Expires: Tue, 04 Oct 2022 12:00:42 GMT
Date: Tue, 04 Oct 2022 08:57:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -Z82V-On3LLZtLmV5RJJN5Kisqrhc_LF9vAtQkgAHn2w3vNGp4XWSQ==
age: 12521
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:57:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 08:29:33 GMT
Expires: Tue, 04 Oct 2022 09:26:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WkvbKSXtDnX74LImVEymssJZBd5bvQABhhIA8Mfov7ABwaGUq2yXmQ==
Age: 1655
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3312
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:57:09 GMT
Last-Modified: Tue, 04 Oct 2022 08:01:57 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
exoasdus-walle.azurewebsites.net/
20.119.8.23 200 OK 12 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 49cd58ee785e98ac3a685a7af40bbd92
31b2c2ad43cb0c47b2b6ba7deff31d3e563c9b58
e3f5139fbe10d70bd8600a76b0b06d4c0a0a4fa00e7b8ecaf42420f65ed872cb
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET / HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Content-Length: 11913
Content-Type: text/html; charset=utf-8
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28, ASP.NET
Link: <https://exoasdus-walle.azurewebsites.net/wp-json/>; rel="https://api.w.org/", <https://exoasdus-walle.azurewebsites.net/wp-json/wp/v2/pages/1254>; rel="alternate"; type="application/json", <https://exoasdus-walle.azurewebsites.net/>; rel=shortlink
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
104.17.25.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (59119)
Hash 14e1692fd4263ccfea0b84299bdbf1f5
7783020a9ced5f32c8d38205357c7d10798be1fd
8ff0cd2d1e7f0b6203a762fb9811256d4445a3ad0d97f07102e038ba0eb3db72
GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:57:09 GMT
content-type: text/css; charset=utf-8
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 449495
expires: Sun, 24 Sep 2023 08:57:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kZiv0S8WgYhXTtWTYJ80Uh8g7MEOt9jnC4LogOKJraAXxfSfDLupJ2Dr4oFm2mV8ocbBKjbYOpb%2Fm03ys68K5AgzXwhEwC8YZyG0tq4d1eG%2BHwXf7wViK02kDFdRTrmBd4BwOQX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754cb55998810b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
exoasdus-walle.azurewebsites.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
20.119.8.23 200 OK 17 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (43771)
Hash 80e77ee88576bf29fce3627b7a68ba93
cad7a80e221262df968ef3cf18edbfc2c6a01388
7629ec786ee7f42bbd14715062a2e8fafe210484570acd4f06aef19191e160d6
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 16612
Content-Type: text/css
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1c6f3d2ecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:00 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
push.services.mozilla.com/
54.187.146.10 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.146.10:0
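Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, matching the 0 B body of this 101 response; they identify no content and should not be used as indicators.)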
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vV4YJp4hvOEPUl1fGS7Iqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Cqu3rJHd1DVjNyoMxNB5WQEGQg8=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.10 200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.10:0
Hash e868ef2f9a7209a6cbfec44af236a857
9308677d293a232dbf5d777f7ed971ab3f94bd56
8689d66dfd533a0a5f1df66627bae28e07751cddd8033f2b566627b75b67997b
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:57:09 GMT
date: Tue, 04 Oct 2022 08:57:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
exoasdus-walle.azurewebsites.net/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.2
20.119.8.23 200 OK 67 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.2
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5618712eca99f4833f32001a75427a9c
8919c987a8f9a61d83a6cd521040b58e04c5e925
b524a4272da9f25638ce252b729e36dc9fd5f98cb159f795113eac5c6b31b005
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.2 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "06abaf5b4c0d71:0"
Last-Modified: Thu, 14 Oct 2021 04:35:48 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/themes/schema-lite/style.css?ver=6.0.2
20.119.8.23 200 OK 14 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/themes/schema-lite/style.css?ver=6.0.2
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (362), with CRLF line terminators
Hash 97e4fb38b645dc816a2c4724896996a5
5cd5f9e026de0819c0428600ed46b85c0fef8e7f
9d99894d001cde9e052888757287c24f73214907b34accd955abd202e1913d72
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/schema-lite/style.css?ver=6.0.2 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 14088
Content-Type: text/css
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80108424b4c0d71:0"
Last-Modified: Thu, 14 Oct 2021 04:29:57 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
20.119.8.23 200 OK 5.0 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (11126)
Hash f9aa3aa9fd0743851fe52747dc98ab58
20efd968d25b0f720cc71f97b8522f95120085a1
a6a2336d4bbf7f10472afd72c043f7a3bc4628665efcf53af07f0dd24a7c8483
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4994
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "c12263ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:17 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/themes/schema-lite/js/customscripts.js?ver=6.0.2
20.119.8.23 200 OK 1.3 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/themes/schema-lite/js/customscripts.js?ver=6.0.2
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash eaa6159215c1befb22bc1f619879cab7
80a2cddeaa140ce80e033b18b15a69cc67f1d8aa
d4d6608d044d9cccc07eea8dd16b86ed32307d0ec2cbd100d07306b8595ecffc
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/themes/schema-lite/js/customscripts.js?ver=6.0.2 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1284
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80108424b4c0d71:0"
Last-Modified: Thu, 14 Oct 2021 04:29:57 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
20.119.8.23 200 OK 8.4 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6eef3794b9d9d12e3cf9b1f59ff18d7b
f66e1ecba718850c89876aa833af3d315eb997d7
cca45babcbf4027ed2d560827bde4c164dbc75e30d51d0b12638353bd2261863
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 8433
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "4711e4ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:18 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
20.119.8.23 200 OK 3.8 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (9937)
Hash dfb71fe73912c11a0c2f9478ccf81a72
28cb99a512d1610d6a4a88fad43cc8a40cfb98ca
5abff655a63b1774403944940474aebd5da8a094db4102613401e1b3d1118980
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3823
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "f08888deecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:19 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
20.119.8.23 200 OK 3.0 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (6475), with no line terminators
Hash aa0bacc537dc46dac7d582c8405b79ef
ac13a41e7392f4ee2730173c39b424d746dcd976
66ee4d35b41ff015933b533d4c230633febc0b6331e181a8ee357cf3113dbbd1
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3001
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "794fc3dcecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:16 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
20.119.8.23 200 OK 469 B URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (463)
Hash efe0c3c7ed1c68e955b61de05df9c070
cf6e35a0f996d5a9a78153083fede9e348cebe31
02b53fef2560b2bee82ef8dff015460f2bc6c41c7c45e88fc3074382c03a6656
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 469
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "bbbaa5daecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:12 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
20.119.8.23 200 OK 8.8 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 48127590d647b94c77867c4fe0275567
c1d6a51517e67aca91f8f9162badbcf857ff2c03
18ab5dd112b5b690e3dddefdbdde358179a6fe48181b05c7e3afe9ff2bf38470
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 8823
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "62c43ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:16 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
20.119.8.23 200 OK 2.1 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (4875)
Hash 56182e12661d0b49f0bc73b17ff87b22
05d457aa272b52ff037a21e27e8649a9ab0211d2
78f77f6f9f4d768b43f291920b5a563bf11360a2c2f228a0f1f425d7b2ce7fbc
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2063
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "5a525ddbecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:14 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
20.119.8.23 200 OK 40 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65447)
Hash 59e233ae35f844463587a189f62aacef
92f46e8f1d1954040e9ff19d7702e5ac3cd1ecd6
3ba6995e7f9d8ad74faf6ca6a812ba743dc8d237ef570151fbd20ee8719e4f63
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 39763
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "fb3395ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:17 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
20.119.8.23 200 OK 4.7 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash e07888f2f813bdbc7044798bac5c2b85
3b63cb17f7bd7783273e1c1f23bbe8bc6266b2aa
ca53f39a6c8cf92cce2372dda51b8716130877ca16b9666d9493ef31b96dda47
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4704
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "eff079dbecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:14 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
20.119.8.23 200 OK 1.2 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash b41d1cd16d0816ed58e3b798b4126c86
688fa96f04c46371d5810725f1d0db46ab79c82a
8a1611c7e06fc4430916daa4ef944cf9e63dd0022f57feee2c9145dbed8d4d53
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1247
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "ee12f1d7ecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:08 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
20.119.8.23 200 OK 3.6 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (8339)
Hash d756b36ae042e97fc29413cae9c78e28
9426ba574b858f28c305425594037c8cfc500da5
d65e138ed63bd768b45e9122631a8efdacdbcdb7d4db9ba71c84b97ccf01d267
GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3599
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "e0e4c4ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:18 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
20.119.8.23 200 OK 1.4 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (3233)
Hash d07a13bdfeab4ba953c5f95b8bda9e4a
e2e130bba37c52e3a4a86efb2279d9a8b315af0a
1ff9c81bcf97272d297ab068ccc5ffc8ad7802b5a639e8f0830e5c512a292404
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1373
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "86af8fdeecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:19 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
20.119.8.23 200 OK 3.9 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (10572)
Hash 11477b80c5e580fe196c68d3dbdb877c
4e1b7d22cad840690e8378047aeccab0189899c0
02ce60cd3c3369c2ee550d00b86446336b1f687f01d72a2be6a1deb31daaf827
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3861
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "4f9bbadeecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:19 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
20.119.8.23 200 OK 7.3 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (16109), with no line terminators
Hash 9bc17134184736146c26d0dbef4b931c
e3cbb5e548c5884541f83f1a1da947b895746bc0
34d87d995a7ba93d36a698e57654fe69eb1c61070520eaa1444bd8c06fb06b38
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 7284
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "39e6fddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:17 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
142.250.74.10 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext
IP 142.250.74.10:0
Hash 9514866cf1cfbf7f5e8fbd94f6d1da90
1494af8aca86766b7895c4ce845d3490e77aecc0
8780f685efd67cfe7702f44aaabcf8a40b4c711a188e9621f068731914944967
GET /css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:57:09 GMT
date: Tue, 04 Oct 2022 08:57:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2
20.119.8.23 200 OK 736 B URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (985)
Hash f85a9f326c2cf53761cc1bc3e6428583
0a98b875d024e3f5a547065bd59d41f0680123e6
00b4c005c81910783ff9030a1e5d85893963bd71a363dab00e358d5b23e46b5a
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 736
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "d2e4a5ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:18 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.195 200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:13:12 GMT
expires: Tue, 03 Oct 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 42238
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
exoasdus-walle.azurewebsites.net/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.2
20.119.8.23 200 OK 7.1 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.2
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (19710), with no line terminators
Hash 5b9dc7beb2f10224cc736a01f356e775
302b25ddf1d426fc1f2b24d95f20c5b0ce316544
e75875c490581e405078052956bafa3267be749d4b722d1ec198f8b8741d4e6b
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.2 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 7087
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "03d89f4b4c0d71:0"
Last-Modified: Thu, 14 Oct 2021 04:35:46 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
20.119.8.23 200 OK 6.6 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (15660)
Hash 5b49ac9423f60e2bc202fd0f262dcbca
8b8e9dc543c50fa37c93b4813e7b1df0b1e3c6ca
eece78511ada5a18c5969ad63f3458f1f1886adc05d198036c7dbf4f442299ab
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 6568
Content-Type: application/x-javascript
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "d8ffefe1ecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:25 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/apple-icon.png
20.119.8.23 200 OK 1.4 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/apple-icon.png
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 30 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d930659a6fa93f62ae70a721a58994f
dfecdf2e1e0f3774291d223beaf89b0c121e83e3
8e5692741f14d3a6ee58b07d3f776441b831083057f805645b04cfdd1ae46420
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/11/apple-icon.png HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1351
Content-Type: image/png
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80f4517d54e3d71:0"
Last-Modified: Sat, 27 Nov 2021 06:03:25 GMT
X-Powered-By: ASP.NET
cdn.livechatinc.com/tracking.js
23.36.79.17 200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 6d3a2ae40bc8b1a9d4db4491a8b8a2de
586a0476415b81afe725bbd9ab93052222f56a2b
68432d22583705e7515d896d46ac76e5962b6cdee4b2ffb24099e6abd54fc924
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 03 Oct 2022 08:52:45 GMT
x-amz-version-id: ShWf3uxOW76WIXrfmBNYEunJ4VXa8qrD
server: AmazonS3
content-encoding: br
etag: W/"76bb2b42910688967d67aa5519646e5d"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: rn7s_tBh0iAmVniiyguB1enwQ-YRMXK5bH3Zd6OV5vDOdHRsEY6Unw==
content-length: 25677
cache-control: max-age=28800
expires: Tue, 04 Oct 2022 16:57:10 GMT
date: Tue, 04 Oct 2022 08:57:10 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/play-icon.png
20.119.8.23 200 OK 1.2 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/play-icon.png
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 30 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 9daa7e811e7a3390ea855acd7ba6c5c7
ccb5c343776e1ad9f3bc6e192cfebe82eebcd56a
b8e3c8b195670b174fb3c3ebcf0fdd0c383bbba2a64a7317659cdb408efaa3f6
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/11/play-icon.png HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1220
Content-Type: image/png
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0bf451b55e3d71:0"
Last-Modified: Sat, 27 Nov 2021 06:07:50 GMT
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/06/exdus_newlogo.png
20.119.8.23 200 OK 4.5 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/06/exdus_newlogo.png
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 157 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 6e4a304504daa2053fb330567ea895f2
969d5a2ac59b09d759135ad53423207a2dfd1ea9
16e71c9791ac9d0c17143a748b19bceabf237d8bd4ab7001d7de2a53f0c7d5f6
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2022/06/exdus_newlogo.png HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 4450
Content-Type: image/png
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0f4ed7ba77d81:0"
Last-Modified: Fri, 03 Jun 2022 05:26:32 GMT
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/social.png
20.119.8.23 200 OK 1.7 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/social.png
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 113 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash b00c27143e69b11e45e8633190ed9aa6
3295c5e61d9dc49df4f0d3cb37f0697f79c71526
983be928354f2903889ab8c41a88d830e1ceb2bd2a3d17c5d9dea6bcc1f37809
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/11/social.png HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1736
Content-Type: image/png
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "8085447551e3d71:0"
Last-Modified: Sat, 27 Nov 2021 05:41:43 GMT
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/header-bg-mobile3.jpg
20.119.8.23 200 OK 51 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/header-bg-mobile3.jpg
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x1697, components 3\012- data
Hash e933081c9b04cc04778a82affe40f43e
93fe769b90a4087c3d767946d9bcf9bed6779349
4ba3f1a8c45bdeb2cd2cfe59b0fe373c724c436c5a18ef0766bae323ff0d6603
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/11/header-bg-mobile3.jpg HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 50584
Content-Type: image/jpeg
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80feb07151e3d71:0"
Last-Modified: Sat, 27 Nov 2021 05:41:37 GMT
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/header-bg-desktop-1200.jpg
20.119.8.23 200 OK 89 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/header-bg-desktop-1200.jpg
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x1697, components 3\012- data
Hash de36a4377797bbed6c7d3359918b2465
81f037efcef2eef0e885d7dddeb017647e0d2a9b
9c9c9ceb1a1e4c1cae366d101d9b388b45bcc204471af9143215c6a6668c6b38
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/11/header-bg-desktop-1200.jpg HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 89082
Content-Type: image/jpeg
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80d17f7051e3d71:0"
Last-Modified: Sat, 27 Nov 2021 05:41:35 GMT
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/01/desktop-1256-1024x524-1.png
20.119.8.23 200 OK 286 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/01/desktop-1256-1024x524-1.png
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1024 x 524, 8-bit/color RGBA, non-interlaced\012- data
Size 286 kB (286325 bytes)
Hash 6da53103007b3d7065876e045fa1433e
5492f21046d73031cba268ab1fa48c5d4f6bfe98
764ad2663c9f638a9fa7bf5fad7ed1b98933bfebfa6c72938bbc12a7dfdc7702
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2022/01/desktop-1256-1024x524-1.png HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 286325
Content-Type: image/png
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0d007ee410d81:0"
Last-Modified: Mon, 24 Jan 2022 05:37:36 GMT
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/mobile-1257.png
20.119.8.23 200 OK 281 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2021/11/mobile-1257.png
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1260 x 645, 8-bit/color RGBA, non-interlaced\012- data
Size 281 kB (280656 bytes)
Hash 3dda983984ac30082b0349ecb1368580
8223fb40ce1bba73657900c092d24577a09d97a3
8e2f4effa0eb1d1bf83d3d6ea7a689cd32bb14eea0ef545991d3392424695838
Analyzer Verdict Alert openphish Crypto/Wallet
GET /wp-content/uploads/2021/11/mobile-1257.png HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 280656
Content-Type: image/png
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "802be27251e3d71:0"
Last-Modified: Sat, 27 Nov 2021 05:41:39 GMT
X-Powered-By: ASP.NET
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13221150&url=https%3A%2F%2Fexoasdus-walle.azurewebsites.net%2F&channel_type=code&jsonp=__fpvbaeli2qh
23.36.79.17 200 OK 80 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13221150&url=https%3A%2F%2Fexoasdus-walle.azurewebsites.net%2F&channel_type=code&jsonp=__fpvbaeli2qh
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash fb56f357262d5547a8b9cad3cc1a45d5
5e1e4534fa8cff1f9fb86d8c1fc7c97e6d5dbe13
979ebcacb6c4cd28b173dedf26f775c00bbb0eb702a31fef836a766da4a81070
GET /v3.3/customer/action/get_dynamic_configuration?license_id=13221150&url=https%3A%2F%2Fexoasdus-walle.azurewebsites.net%2F&channel_type=code&jsonp=__fpvbaeli2qh HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 80
date: Tue, 04 Oct 2022 08:57:10 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18088
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 08:57:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18088
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 08:57:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18088
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 08:57:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18088
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 08:57:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 37671
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18088
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 08:57:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 39624
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b7345414898d451d930431b46d4bd00
a36475a0ec7d7b92593cadd4aa99ca38550f1cd1
79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9855
x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGX7oAMFgDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:37:00 GMT
etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1"
content-type: image/jpeg
age: 33610
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 15257
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/06/Apps_ExodusLogo-300x300.jpeg
20.119.8.23 200 OK 8.7 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/06/Apps_ExodusLogo-300x300.jpeg
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Hash e7575eeff75ea22423b3c4c1c37e8042
f45e44b4e9a8bb342586c1cfc24a67a57c4e2fc1
a0c6a26a4b478747183adffcc794cd1891ee9e0265f62105392d476932bd2f45
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/uploads/2022/06/Apps_ExodusLogo-300x300.jpeg HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 8711
Content-Type: image/jpeg
Date: Tue, 04 Oct 2022 08:57:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80158bbfc575d81:0"
Last-Modified: Wed, 01 Jun 2022 14:41:59 GMT
X-Powered-By: ASP.NET
exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/06/Apps_ExodusLogo-150x150.jpeg
20.119.8.23 200 OK 4.0 kB URL HTTP/1.1 exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/06/Apps_ExodusLogo-150x150.jpeg
IP 20.119.8.23:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash f03c73d4b60cd73a88a61f6b8d290e7f
abc06fb314e69becc02623b544d2bfb35db5bb15
0e51864f5f6a130346309d0a33732f4562db4bdfd93c958f409aafa23e2a753e
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
GET /wp-content/uploads/2022/06/Apps_ExodusLogo-150x150.jpeg HTTP/1.1
Host: exoasdus-walle.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3973
Content-Type: image/jpeg
Date: Tue, 04 Oct 2022 08:57:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80158bbfc575d81:0"
Last-Modified: Wed, 01 Jun 2022 14:41:59 GMT
X-Powered-By: ASP.NET
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34f2dfb2faff276db1d4a57739db2450
f5ce815082043a4efce28fc790ae7d8b3a8531f8
e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pddStyEpwVdYKSAUVcpupnWVPw6ALoYCouHQzixF_vTgXdpVF60ElA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
age: 38771
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 39676
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.85.229 200 OK 64 kB URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.85.229:0
Hash c1b2d28d23ea50f7b8fa88eba37d137b
b88d883d13886db98338c87cf364c78cc4c912de
8a4a830e8d16a69b949a6877eaa7f619ac2f11de9ed635a7cb20c3248d72b9af
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 08:57:11 GMT
age: 17020188
x-served-by: cache-fra19156-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 6b964f793822e58668eeb51c6e590772
c33a0596e8118c45baa45a838378c7b07ad7ea44
0eb5e78443c90742cf30521f5eea6d02fcc0aeb5daa7630b1b53769020d39c14
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:57:11 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B8E59B3271BFE6C2A95A2606597D4B761EB9266F"
Expires: Tue, 04 Oct 2022 20:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 72
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754cb567e82eb521-OSL
vsa78.tawk.to/s/?k=633bf5670deed77be7b63bb9&cver=0&pop=false&asver=2282&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmU3YjVkZjM3ODk4OTEyZTk2MDllYzIiLCJ2aWQiOiJiM2ZhODk4NTA0ZWZjNGM2ZWFhOTM1MGZlMmQ0YTcxM2QyMzUxY2UzZGJhNjM1M2NhZDk4ZWU2ZDE4MTNhMmM0Iiwic2lkIjoiNjMzYmY1NjcwZGVlZDc3YmU3YjYzYmI5IiwiaWF0IjoxNjY0ODczODMxLCJleHAiOjE2NjQ4NzU2MzEsImp0aSI6IjlmZ1BEa2RSVUo3dXJoN3ZmVjlCdSJ9.4pegCsMDAQa409ILYp3oYfNI_W2fcRAHp9SItycxIJpXgzgEDBowa-phGqFdNnuQAl6ulQYjzQt6QtaiShCVkw&EIO=3&transport=websocket&__t=OEYDffV
172.67.38.66 101 Switching Protocols 2.0 kB URL HTTP/1.1 vsa78.tawk.to/s/?k=633bf5670deed77be7b63bb9&cver=0&pop=false&asver=2282&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmU3YjVkZjM3ODk4OTEyZTk2MDllYzIiLCJ2aWQiOiJiM2ZhODk4NTA0ZWZjNGM2ZWFhOTM1MGZlMmQ0YTcxM2QyMzUxY2UzZGJhNjM1M2NhZDk4ZWU2ZDE4MTNhMmM0Iiwic2lkIjoiNjMzYmY1NjcwZGVlZDc3YmU3YjYzYmI5IiwiaWF0IjoxNjY0ODczODMxLCJleHAiOjE2NjQ4NzU2MzEsImp0aSI6IjlmZ1BEa2RSVUo3dXJoN3ZmVjlCdSJ9.4pegCsMDAQa409ILYp3oYfNI_W2fcRAHp9SItycxIJpXgzgEDBowa-phGqFdNnuQAl6ulQYjzQt6QtaiShCVkw&EIO=3&transport=websocket&__t=OEYDffV
IP 172.67.38.66:0
Hash 71daf0f11b1d5c0fb31d88a62eb4cef2
a7bf6dd7fdb78505e19dc460fa407a4ffc33249f
79bc5b025a23a099d01174f9f055030a01ebb147d57322d569412dbd873fa1ff
GET /s/?k=633bf5670deed77be7b63bb9&cver=0&pop=false&asver=2282&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmU3YjVkZjM3ODk4OTEyZTk2MDllYzIiLCJ2aWQiOiJiM2ZhODk4NTA0ZWZjNGM2ZWFhOTM1MGZlMmQ0YTcxM2QyMzUxY2UzZGJhNjM1M2NhZDk4ZWU2ZDE4MTNhMmM0Iiwic2lkIjoiNjMzYmY1NjcwZGVlZDc3YmU3YjYzYmI5IiwiaWF0IjoxNjY0ODczODMxLCJleHAiOjE2NjQ4NzU2MzEsImp0aSI6IjlmZ1BEa2RSVUo3dXJoN3ZmVjlCdSJ9.4pegCsMDAQa409ILYp3oYfNI_W2fcRAHp9SItycxIJpXgzgEDBowa-phGqFdNnuQAl6ulQYjzQt6QtaiShCVkw&EIO=3&transport=websocket&__t=OEYDffV HTTP/1.1
Host: vsa78.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://exoasdus-walle.azurewebsites.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LHjBuNZdEPwU32YYNtSftQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 04 Oct 2022 08:57:12 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: ey35loV5iuCrBz+N7px7Ls7BFrE=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 754cb566d8f3b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f385d19-576b-44dc-833a-4146626070e5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f385d19-576b-44dc-833a-4146626070e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23ba112cb712c07d19994e82fbaa17c0
0aba06667d4cb108fddaf2c54c4ae628f56018e3
f8095524c5ade5bb5e12a6a5d23e34eab6dd61acf658664f83a0c39821fd3a33
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f385d19-576b-44dc-833a-4146626070e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12252
x-amzn-requestid: 41962b0e-db82-4872-9a9c-7bf2d5a0fb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGLWIAMFpbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-708b71f71a538c1112b60863;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rJoxxp0Qi2vpD-vBjYeMl49oj1i8rXaBR_J6idOWyg1Enk-ZSX-g8Q==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:34:30 GMT
age: 37367
etag: "0aba06667d4cb108fddaf2c54c4ae628f56018e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;1,100;1,200;1,300&family=Open+Sans:ital,wght@0,800;1,300;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Spartan:wght@100;200;300;400;500;600;700;800;900&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;1,100;1,200;1,300&family=Open+Sans:ital,wght@0,800;1,300;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Spartan:wght@100;200;300;400;500;600;700;800;900&display=swap
IP 142.250.74.10:0
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;1,100;1,200;1,300&family=Open+Sans:ital,wght@0,800;1,300;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Spartan:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:57:09 GMT
date: Tue, 04 Oct 2022 08:57:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
IP 104.22.25.131:0
GET /_s/v4/app/63258f417d7/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:57:10 GMT
content-type: application/javascript
age: 40244
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561fe9eb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
IP 104.22.25.131:0
GET /_s/v4/app/63258f417d7/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:57:10 GMT
content-type: application/javascript
age: 40244
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"31ca85b2b61bb42db4e40c2e9429f7dc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561fe9ab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
IP 104.22.25.131:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:57:10 GMT
content-type: application/javascript
age: 40243
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"c262969ff89da8a8b3994883a0f57085"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561fe95b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
IP 104.22.25.131:0
GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:57:10 GMT
content-type: application/javascript
age: 40243
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561ee8cb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
IP 104.22.25.131:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:57:10 GMT
content-type: application/javascript
age: 40244
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561ee93b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/62e7b5df37898912e9609ec2/1g9chssn8
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/62e7b5df37898912e9609ec2/1g9chssn8
IP 104.22.25.131:0
GET /62e7b5df37898912e9609ec2/1g9chssn8 HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:57:10 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb55d383eb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
104.22.25.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
IP 104.22.25.131:0
GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:57:10 GMT
content-type: application/javascript
age: 40244
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561ee90b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700;800;900&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Signika:wght@300;400;500;600;700&family=Spartan:wght@100;200;300;400;500;600;700;800;900&family=Spectral:ital,wght@0,200;1,200&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700;800;900&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Signika:wght@300;400;500;600;700&family=Spartan:wght@100;200;300;400;500;600;700;800;900&family=Spectral:ital,wght@0,200;1,200&display=swap
IP 142.250.74.10:0
GET /css2?family=Inter:wght@300;400;500;700;800;900&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Signika:wght@300;400;500;600;700&family=Spartan:wght@100;200;300;400;500;600;700;800;900&family=Spectral:ital,wght@0,200;1,200&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:57:09 GMT
date: Tue, 04 Oct 2022 08:57:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2