Overview

URL exoasdus-walle.azurewebsites.net/
IP 20.119.8.23
ASN MICROSOFT-CORP-MSN-AS-BLOCK
Location United States
Report completed 2022-10-04 08:57:19 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-10-03 2 exoasdus-walle.azurewebsites.net/ Crypto/Wallet
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 exoasdus-walle.azurewebsites.net/ Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/css/dist/block-library/style.m (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-content/plugins/js_composer/assets/css/ (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-content/themes/schema-lite/style.css?ve (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery-migrate.min.j (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-content/themes/schema-lite/js/customscr (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1 Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/dom-ready.min.js?ver=d (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/vendor/wp-polyfill.min (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/i18n.min.js?ver=ebee46 (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/dist/a11y.min.js?ver=a38319 (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/ui/mouse.min.js?ver= (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery.form.min.js?v (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-includes/js/jquery/jquery.ui.touch-punc (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-content/plugins/js_composer/assets/js/d (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/06/Apps_ExodusLogo (...) Phishing
2022-10-04 2 exoasdus-walle.azurewebsites.net/wp-content/uploads/2022/06/Apps_ExodusLogo (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-03 08:07:24 UTC 143.204.55.35
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-03 09:28:24 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 02:06:24 UTC 93.184.220.29
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-10-04 04:19:28 UTC 151.101.85.229
mnemonic passive DNS vsa78.tawk.to (1) 0 2020-03-11 12:20:35 UTC 2022-10-03 11:35:22 UTC 172.67.38.66 Domain (tawk.to) ranked at: 6313
mnemonic passive DNS exoasdus-walle.azurewebsites.net (32) 0 2022-10-04 00:16:23 UTC 2022-10-04 01:09:58 UTC 20.119.8.23 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-10-04 04:47:48 UTC 104.17.25.14
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-03 23:48:04 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS embed.tawk.to (7) 8650 2014-03-19 21:03:49 UTC 2022-10-04 05:54:10 UTC 104.22.25.131
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-03 09:28:24 UTC 54.187.146.10
mnemonic passive DNS cdn.livechatinc.com (1) 6288 2012-06-22 08:37:34 UTC 2022-10-04 06:11:46 UTC 23.36.79.17
mnemonic passive DNS api.livechatinc.com (1) 5353 2013-12-20 14:27:35 UTC 2022-10-04 06:10:56 UTC 23.36.79.17
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 00:45:50 UTC 143.204.55.27
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-03 07:33:36 UTC 23.36.76.226
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-10-03 07:14:52 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (4) 8877 2013-06-10 20:14:26 UTC 2022-10-04 02:04:45 UTC 142.250.74.10
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-10-04 04:22:54 UTC 104.18.21.226


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 20.119.8.23

Date UQ / IDS / BL URL IP
2022-10-04 08:57:19 +0000
0 - 0 - 44 exoasdus-walle.azurewebsites.net/ 20.119.8.23

Last 5 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK

Date UQ / IDS / BL URL IP
2022-12-09 06:37:13 +0000
0 - 0 - 20 20.107.221.64/login.php?mobile=iPad=&ip=54.24 (...) 20.107.221.64
2022-12-09 06:17:59 +0000
9 - 0 - 1 app.secads.club/subu8870195e4983687bb781f16f3 (...) 20.113.67.50
2022-12-09 04:45:51 +0000
0 - 0 - 1 clicknows.mlbbclaim22free.work.gd/ 20.9.70.76
2022-12-09 04:39:21 +0000
0 - 0 - 1 fc9ckix0prb.sorg.cc/ 204.95.99.251
2022-12-09 04:24:57 +0000
0 - 0 - 12 w.luxeportal.net/UAC?cmpid=401033&aid=500365& (...) 20.49.104.48

Last 1 reports on domain: exoasdus-walle.azurewebsites.net

Date UQ / IDS / BL URL IP
2022-10-04 08:57:19 +0000
0 - 0 - 44 exoasdus-walle.azurewebsites.net/ 20.119.8.23

Last 2 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-23 20:31:59 +0000
0 - 0 - 56 exosiuds-walle.azurewebsites.net/ 20.118.56.10
2022-09-02 23:17:26 +0000
0 - 0 - 23 exoxdsduds-walle.azurewebsites.net/ 40.112.243.96


JavaScript

Executed Scripts (42)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (77)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tAcpdLGu7WeiSCdnB2kbFKFMFaw-L4meTR_Ouetlhd2u1nLvc0ajnw==
Age: 604


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11014
Expires: Tue, 04 Oct 2022 12:00:42 GMT
Date: Tue, 04 Oct 2022 08:57:08 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -Z82V-On3LLZtLmV5RJJN5Kisqrhc_LF9vAtQkgAHn2w3vNGp4XWSQ==
age: 12521
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 08:57:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 08:29:33 GMT
Expires: Tue, 04 Oct 2022 09:26:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WkvbKSXtDnX74LImVEymssJZBd5bvQABhhIA8Mfov7ABwaGUq2yXmQ==
Age: 1655


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3312
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 08:57:09 GMT
Last-Modified: Tue, 04 Oct 2022 08:01:57 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Length: 11913
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.28, ASP.NET
Link: <https://exoasdus-walle.azurewebsites.net/wp-json/>; rel="https://api.w.org/", <https://exoasdus-walle.azurewebsites.net/wp-json/wp/v2/pages/1254>; rel="alternate"; type="application/json", <https://exoasdus-walle.azurewebsites.net/>; rel=shortlink


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Size:   11913
Md5:    49cd58ee785e98ac3a685a7af40bbd92
Sha1:   31b2c2ad43cb0c47b2b6ba7deff31d3e563c9b58
Sha256: e3f5139fbe10d70bd8600a76b0b06d4c0a0a4fa00e7b8ecaf42420f65ed872cb

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 04 Oct 2022 08:57:09 GMT
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 449495
expires: Sun, 24 Sep 2023 08:57:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kZiv0S8WgYhXTtWTYJ80Uh8g7MEOt9jnC4LogOKJraAXxfSfDLupJ2Dr4oFm2mV8ocbBKjbYOpb%2Fm03ys68K5AgzXwhEwC8YZyG0tq4d1eG%2BHwXf7wViK02kDFdRTrmBd4BwOQX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754cb55998810b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (59119)
Size:   10462
Md5:    14e1692fd4263ccfea0b84299bdbf1f5
Sha1:   7783020a9ced5f32c8d38205357c7d10798be1fd
Sha256: 8ff0cd2d1e7f0b6203a762fb9811256d4445a3ad0d97f07102e038ba0eb3db72
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 16612
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "1c6f3d2ecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:00 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   16612
Md5:    80e77ee88576bf29fce3627b7a68ba93
Sha1:   cad7a80e221262df968ef3cf18edbfc2c6a01388
Sha256: 7629ec786ee7f42bbd14715062a2e8fafe210484570acd4f06aef19191e160d6

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vV4YJp4hvOEPUl1fGS7Iqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.146.10
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Cqu3rJHd1DVjNyoMxNB5WQEGQg8=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:57:09 GMT
date: Tue, 04 Oct 2022 08:57:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1470
Md5:    e868ef2f9a7209a6cbfec44af236a857
Sha1:   9308677d293a232dbf5d777f7ed971ab3f94bd56
Sha256: 8689d66dfd533a0a5f1df66627bae28e07751cddd8033f2b566627b75b67997b
                                        
                                            GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.5.2 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "06abaf5b4c0d71:0"
Last-Modified: Thu, 14 Oct 2021 04:35:48 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   67384
Md5:    5618712eca99f4833f32001a75427a9c
Sha1:   8919c987a8f9a61d83a6cd521040b58e04c5e925
Sha256: b524a4272da9f25638ce252b729e36dc9fd5f98cb159f795113eac5c6b31b005

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/schema-lite/style.css?ver=6.0.2 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 14088
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80108424b4c0d71:0"
Last-Modified: Thu, 14 Oct 2021 04:29:57 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (362), with CRLF line terminators
Size:   14088
Md5:    97e4fb38b645dc816a2c4724896996a5
Sha1:   5cd5f9e026de0819c0428600ed46b85c0fef8e7f
Sha256: 9d99894d001cde9e052888757287c24f73214907b34accd955abd202e1913d72

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 4994
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "c12263ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:17 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4994
Md5:    f9aa3aa9fd0743851fe52747dc98ab58
Sha1:   20efd968d25b0f720cc71f97b8522f95120085a1
Sha256: a6a2336d4bbf7f10472afd72c043f7a3bc4628665efcf53af07f0dd24a7c8483

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/schema-lite/js/customscripts.js?ver=6.0.2 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 1284
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80108424b4c0d71:0"
Last-Modified: Thu, 14 Oct 2021 04:29:57 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1284
Md5:    eaa6159215c1befb22bc1f619879cab7
Sha1:   80a2cddeaa140ce80e033b18b15a69cc67f1d8aa
Sha256: d4d6608d044d9cccc07eea8dd16b86ed32307d0ec2cbd100d07306b8595ecffc

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 8433
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "4711e4ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:18 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (8189)
Size:   8433
Md5:    6eef3794b9d9d12e3cf9b1f59ff18d7b
Sha1:   f66e1ecba718850c89876aa833af3d315eb997d7
Sha256: cca45babcbf4027ed2d560827bde4c164dbc75e30d51d0b12638353bd2261863

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.13.1 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 3823
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "f08888deecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:19 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (9937)
Size:   3823
Md5:    dfb71fe73912c11a0c2f9478ccf81a72
Sha1:   28cb99a512d1610d6a4a88fad43cc8a40cfb98ca
Sha256: 5abff655a63b1774403944940474aebd5da8a094db4102613401e1b3d1118980

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 3001
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "794fc3dcecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:16 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   3001
Md5:    aa0bacc537dc46dac7d582c8405b79ef
Sha1:   ac13a41e7392f4ee2730173c39b424d746dcd976
Sha256: 66ee4d35b41ff015933b533d4c230633febc0b6331e181a8ee357cf3113dbbd1
                                        
                                            GET /wp-includes/js/dist/dom-ready.min.js?ver=d996b53411d1533a84951212ab6ac4ff HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 469
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "bbbaa5daecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:12 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (463)
Size:   469
Md5:    efe0c3c7ed1c68e955b61de05df9c070
Sha1:   cf6e35a0f996d5a9a78153083fede9e348cebe31
Sha256: 02b53fef2560b2bee82ef8dff015460f2bc6c41c7c45e88fc3074382c03a6656

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 8823
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "62c43ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:16 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size:   8823
Md5:    48127590d647b94c77867c4fe0275567
Sha1:   c1d6a51517e67aca91f8f9162badbcf857ff2c03
Sha256: 18ab5dd112b5b690e3dddefdbdde358179a6fe48181b05c7e3afe9ff2bf38470

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 2063
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "5a525ddbecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:14 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (4875)
Size:   2063
Md5:    56182e12661d0b49f0bc73b17ff87b22
Sha1:   05d457aa272b52ff037a21e27e8649a9ab0211d2
Sha256: 78f77f6f9f4d768b43f291920b5a563bf11360a2c2f228a0f1f425d7b2ce7fbc
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 39763
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "fb3395ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:17 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   39763
Md5:    59e233ae35f844463587a189f62aacef
Sha1:   92f46e8f1d1954040e9ff19d7702e5ac3cd1ecd6
Sha256: 3ba6995e7f9d8ad74faf6ca6a812ba743dc8d237ef570151fbd20ee8719e4f63
                                        
                                            GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 4704
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "eff079dbecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:14 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  data
Size:   4704
Md5:    e07888f2f813bdbc7044798bac5c2b85
Sha1:   3b63cb17f7bd7783273e1c1f23bbe8bc6266b2aa
Sha256: ca53f39a6c8cf92cce2372dda51b8716130877ca16b9666d9493ef31b96dda47

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 1247
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "ee12f1d7ecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:08 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2472)
Size:   1247
Md5:    b41d1cd16d0816ed58e3b798b4126c86
Sha1:   688fa96f04c46371d5810725f1d0db46ab79c82a
Sha256: 8a1611c7e06fc4430916daa4ef944cf9e63dd0022f57feee2c9145dbed8d4d53

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 3599
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "e0e4c4ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:18 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (8339)
Size:   3599
Md5:    d756b36ae042e97fc29413cae9c78e28
Sha1:   9426ba574b858f28c305425594037c8cfc500da5
Sha256: d65e138ed63bd768b45e9122631a8efdacdbcdb7d4db9ba71c84b97ccf01d267
                                        
                                            GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 1373
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "86af8fdeecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:19 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (3233)
Size:   1373
Md5:    d07a13bdfeab4ba953c5f95b8bda9e4a
Sha1:   e2e130bba37c52e3a4a86efb2279d9a8b315af0a
Sha256: 1ff9c81bcf97272d297ab068ccc5ffc8ad7802b5a639e8f0830e5c512a292404

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 3861
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "4f9bbadeecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:19 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (10572)
Size:   3861
Md5:    11477b80c5e580fe196c68d3dbdb877c
Sha1:   4e1b7d22cad840690e8378047aeccab0189899c0
Sha256: 02ce60cd3c3369c2ee550d00b86446336b1f687f01d72a2be6a1deb31daaf827
                                        
                                            GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 7284
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "39e6fddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:17 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (16109), with no line terminators
Size:   7284
Md5:    9bc17134184736146c26d0dbef4b931c
Sha1:   e3cbb5e548c5884541f83f1a1da947b895746bc0
Sha256: 34d87d995a7ba93d36a698e57654fe69eb1c61070520eaa1444bd8c06fb06b38

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 08:57:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 08:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 08:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Roboto%20Slab%3A300%2C400%7CRaleway%3A400%2C500%2C700&subset=latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:57:09 GMT
date: Tue, 04 Oct 2022 08:57:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1187
Md5:    9514866cf1cfbf7f5e8fbd94f6d1da90
Sha1:   1494af8aca86766b7895c4ce845d3490e77aecc0
Sha256: 8780f685efd67cfe7702f44aaabcf8a40b4c711a188e9621f068731914944967
                                        
                                            GET /wp-includes/js/jquery/jquery.ui.touch-punch.js?ver=0.2.2 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 736
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "d2e4a5ddecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:18 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (985)
Size:   736
Md5:    f85a9f326c2cf53761cc1bc3e6428583
Sha1:   0a98b875d024e3f5a547065bd59d41f0680123e6
Sha256: 00b4c005c81910783ff9030a1e5d85893963bd71a363dab00e358d5b23e46b5a

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:13:12 GMT
expires: Tue, 03 Oct 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 42238
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 46524, version 1.0
Size:   46524
Md5:    c1fd378f54921c75e4ae1821e7b8fff6
Sha1:   2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
Sha256: 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 08:57:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.5.2 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 7087
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "03d89f4b4c0d71:0"
Last-Modified: Thu, 14 Oct 2021 04:35:46 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (19710), with no line terminators
Size:   7087
Md5:    5b9dc7beb2f10224cc736a01f356e775
Sha1:   302b25ddf1d426fc1f2b24d95f20c5b0ce316544
Sha256: e75875c490581e405078052956bafa3267be749d4b722d1ec198f8b8741d4e6b

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Length: 6568
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "d8ffefe1ecd2d81:0"
Last-Modified: Wed, 28 Sep 2022 03:46:25 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   6568
Md5:    5b49ac9423f60e2bc202fd0f262dcbca
Sha1:   8b8e9dc543c50fa37c93b4813e7b1df0b1e3c6ca
Sha256: eece78511ada5a18c5969ad63f3458f1f1886adc05d198036c7dbf4f442299ab
                                        
                                            GET /wp-content/uploads/2021/11/apple-icon.png HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 1351
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80f4517d54e3d71:0"
Last-Modified: Sat, 27 Nov 2021 06:03:25 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  PNG image data, 30 x 34, 8-bit/color RGBA, non-interlaced
Size:   1351
Md5:    8d930659a6fa93f62ae70a721a58994f
Sha1:   dfecdf2e1e0f3774291d223beaf89b0c121e83e3
Sha256: 8e5692741f14d3a6ee58b07d3f776441b831083057f805645b04cfdd1ae46420

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /tracking.js HTTP/1.1 
Host: cdn.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 03 Oct 2022 08:52:45 GMT
x-amz-version-id: ShWf3uxOW76WIXrfmBNYEunJ4VXa8qrD
server: AmazonS3
content-encoding: br
etag: W/"76bb2b42910688967d67aa5519646e5d"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: rn7s_tBh0iAmVniiyguB1enwQ-YRMXK5bH3Zd6OV5vDOdHRsEY6Unw==
content-length: 25677
cache-control: max-age=28800
expires: Tue, 04 Oct 2022 16:57:10 GMT
date: Tue, 04 Oct 2022 08:57:10 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25677
Md5:    6d3a2ae40bc8b1a9d4db4491a8b8a2de
Sha1:   586a0476415b81afe725bbd9ab93052222f56a2b
Sha256: 68432d22583705e7515d896d46ac76e5962b6cdee4b2ffb24099e6abd54fc924
                                        
                                            GET /wp-content/uploads/2021/11/play-icon.png HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 1220
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0bf451b55e3d71:0"
Last-Modified: Sat, 27 Nov 2021 06:07:50 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  PNG image data, 30 x 34, 8-bit/color RGBA, non-interlaced
Size:   1220
Md5:    9daa7e811e7a3390ea855acd7ba6c5c7
Sha1:   ccb5c343776e1ad9f3bc6e192cfebe82eebcd56a
Sha256: b8e3c8b195670b174fb3c3ebcf0fdd0c383bbba2a64a7317659cdb408efaa3f6

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /wp-content/uploads/2022/06/exdus_newlogo.png HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 4450
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0f4ed7ba77d81:0"
Last-Modified: Fri, 03 Jun 2022 05:26:32 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  PNG image data, 157 x 33, 8-bit/color RGBA, non-interlaced
Size:   4450
Md5:    6e4a304504daa2053fb330567ea895f2
Sha1:   969d5a2ac59b09d759135ad53423207a2dfd1ea9
Sha256: 16e71c9791ac9d0c17143a748b19bceabf237d8bd4ab7001d7de2a53f0c7d5f6

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /wp-content/uploads/2021/11/social.png HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 1736
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "8085447551e3d71:0"
Last-Modified: Sat, 27 Nov 2021 05:41:43 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  PNG image data, 113 x 45, 8-bit/color RGB, non-interlaced\012- data
Size:   1736
Md5:    b00c27143e69b11e45e8633190ed9aa6
Sha1:   3295c5e61d9dc49df4f0d3cb37f0697f79c71526
Sha256: 983be928354f2903889ab8c41a88d830e1ceb2bd2a3d17c5d9dea6bcc1f37809

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /wp-content/uploads/2021/11/header-bg-mobile3.jpg HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 50584
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80feb07151e3d71:0"
Last-Modified: Sat, 27 Nov 2021 05:41:37 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x1697, components 3\012- data
Size:   50584
Md5:    e933081c9b04cc04778a82affe40f43e
Sha1:   93fe769b90a4087c3d767946d9bcf9bed6779349
Sha256: 4ba3f1a8c45bdeb2cd2cfe59b0fe373c724c436c5a18ef0766bae323ff0d6603

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /wp-content/uploads/2021/11/header-bg-desktop-1200.jpg HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 89082
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80d17f7051e3d71:0"
Last-Modified: Sat, 27 Nov 2021 05:41:35 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x1697, components 3\012- data
Size:   89082
Md5:    de36a4377797bbed6c7d3359918b2465
Sha1:   81f037efcef2eef0e885d7dddeb017647e0d2a9b
Sha256: 9c9c9ceb1a1e4c1cae366d101d9b388b45bcc204471af9143215c6a6668c6b38

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /wp-content/uploads/2022/01/desktop-1256-1024x524-1.png HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 286325
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0d007ee410d81:0"
Last-Modified: Mon, 24 Jan 2022 05:37:36 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  PNG image data, 1024 x 524, 8-bit/color RGBA, non-interlaced\012- data
Size:   286325
Md5:    6da53103007b3d7065876e045fa1433e
Sha1:   5492f21046d73031cba268ab1fa48c5d4f6bfe98
Sha256: 764ad2663c9f638a9fa7bf5fad7ed1b98933bfebfa6c72938bbc12a7dfdc7702

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /wp-content/uploads/2021/11/mobile-1257.png HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 280656
Date: Tue, 04 Oct 2022 08:57:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "802be27251e3d71:0"
Last-Modified: Sat, 27 Nov 2021 05:41:39 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  PNG image data, 1260 x 645, 8-bit/color RGBA, non-interlaced\012- data
Size:   280656
Md5:    3dda983984ac30082b0349ecb1368580
Sha1:   8223fb40ce1bba73657900c092d24577a09d97a3
Sha256: 8e2f4effa0eb1d1bf83d3d6ea7a689cd32bb14eea0ef545991d3392424695838

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
                                        
                                            GET /v3.3/customer/action/get_dynamic_configuration?license_id=13221150&url=https%3A%2F%2Fexoasdus-walle.azurewebsites.net%2F&channel_type=code&jsonp=__fpvbaeli2qh HTTP/1.1 
Host: api.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 80
date: Tue, 04 Oct 2022 08:57:10 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   80
Md5:    fb56f357262d5547a8b9cad3cc1a45d5
Sha1:   5e1e4534fa8cff1f9fb86d8c1fc7c97e6d5dbe13
Sha256: 979ebcacb6c4cd28b173dedf26f775c00bbb0eb702a31fef836a766da4a81070
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18088
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 08:57:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 37671
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18088
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 08:57:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 39624
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9855
x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGX7oAMFgDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:37:00 GMT
etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1"
age: 33610
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9855
Md5:    7b7345414898d451d930431b46d4bd00
Sha1:   a36475a0ec7d7b92593cadd4aa99ca38550f1cd1
Sha256: 79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 15257
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /wp-content/uploads/2022/06/Apps_ExodusLogo-300x300.jpeg HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 8711
Date: Tue, 04 Oct 2022 08:57:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80158bbfc575d81:0"
Last-Modified: Wed, 01 Jun 2022 14:41:59 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 300x300, components 3\012- data
Size:   8711
Md5:    e7575eeff75ea22423b3c4c1c37e8042
Sha1:   f45e44b4e9a8bb342586c1cfc24a67a57c4e2fc1
Sha256: a0c6a26a4b478747183adffcc794cd1891ee9e0265f62105392d476932bd2f45

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2022/06/Apps_ExodusLogo-150x150.jpeg HTTP/1.1 
Host: exoasdus-walle.azurewebsites.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.119.8.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 3973
Date: Tue, 04 Oct 2022 08:57:10 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "80158bbfc575d81:0"
Last-Modified: Wed, 01 Jun 2022 14:41:59 GMT
X-Powered-By: ASP.NET


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Size:   3973
Md5:    f03c73d4b60cd73a88a61f6b8d290e7f
Sha1:   abc06fb314e69becc02623b544d2bfb35db5bb15
Sha256: 0e51864f5f6a130346309d0a33732f4562db4bdfd93c958f409aafa23e2a753e

Alerts:
  Blocklists:
    - openphish: Crypto/Wallet
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pddStyEpwVdYKSAUVcpupnWVPw6ALoYCouHQzixF_vTgXdpVF60ElA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
age: 38771
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5083
Md5:    34f2dfb2faff276db1d4a57739db2450
Sha1:   f5ce815082043a4efce28fc790ae7d8b3a8531f8
Sha256: e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 39676
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 08:57:11 GMT
age: 17020188
x-served-by: cache-fra19156-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   63652
Md5:    c1b2d28d23ea50f7b8fa88eba37d137b
Sha1:   b88d883d13886db98338c87cf364c78cc4c912de
Sha256: 8a4a830e8d16a69b949a6877eaa7f619ac2f11de9ed635a7cb20c3248d72b9af
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 08:57:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B8E59B3271BFE6C2A95A2606597D4B761EB9266F"
Expires: Tue, 04 Oct 2022 20:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 72
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754cb567e82eb521-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    6b964f793822e58668eeb51c6e590772
Sha1:   c33a0596e8118c45baa45a838378c7b07ad7ea44
Sha256: 0eb5e78443c90742cf30521f5eea6d02fcc0aeb5daa7630b1b53769020d39c14
                                        
                                            GET /s/?k=633bf5670deed77be7b63bb9&cver=0&pop=false&asver=2282&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmU3YjVkZjM3ODk4OTEyZTk2MDllYzIiLCJ2aWQiOiJiM2ZhODk4NTA0ZWZjNGM2ZWFhOTM1MGZlMmQ0YTcxM2QyMzUxY2UzZGJhNjM1M2NhZDk4ZWU2ZDE4MTNhMmM0Iiwic2lkIjoiNjMzYmY1NjcwZGVlZDc3YmU3YjYzYmI5IiwiaWF0IjoxNjY0ODczODMxLCJleHAiOjE2NjQ4NzU2MzEsImp0aSI6IjlmZ1BEa2RSVUo3dXJoN3ZmVjlCdSJ9.4pegCsMDAQa409ILYp3oYfNI_W2fcRAHp9SItycxIJpXgzgEDBowa-phGqFdNnuQAl6ulQYjzQt6QtaiShCVkw&EIO=3&transport=websocket&__t=OEYDffV HTTP/1.1 
Host: vsa78.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://exoasdus-walle.azurewebsites.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LHjBuNZdEPwU32YYNtSftQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         172.67.38.66
HTTP/1.1 101 Switching Protocols
                                        
Date: Tue, 04 Oct 2022 08:57:12 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: ey35loV5iuCrBz+N7px7Ls7BFrE=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 754cb566d8f3b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  data
Size:   2036
Md5:    71daf0f11b1d5c0fb31d88a62eb4cef2
Sha1:   a7bf6dd7fdb78505e19dc460fa407a4ffc33249f
Sha256: 79bc5b025a23a099d01174f9f055030a01ebb147d57322d569412dbd873fa1ff
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f385d19-576b-44dc-833a-4146626070e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12252
x-amzn-requestid: 41962b0e-db82-4872-9a9c-7bf2d5a0fb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGLWIAMFpbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-708b71f71a538c1112b60863;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rJoxxp0Qi2vpD-vBjYeMl49oj1i8rXaBR_J6idOWyg1Enk-ZSX-g8Q==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:34:30 GMT
age: 37367
etag: "0aba06667d4cb108fddaf2c54c4ae628f56018e3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12252
Md5:    23ba112cb712c07d19994e82fbaa17c0
Sha1:   0aba06667d4cb108fddaf2c54c4ae628f56018e3
Sha256: f8095524c5ade5bb5e12a6a5d23e34eab6dd61acf658664f83a0c39821fd3a33
                                        
                                            GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;1,100;1,200;1,300&family=Open+Sans:ital,wght@0,800;1,300;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Spartan:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:57:09 GMT
date: Tue, 04 Oct 2022 08:57:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-app.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 08:57:10 GMT
age: 40244
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561fe9eb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-runtime.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 08:57:10 GMT
age: 40244
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"31ca85b2b61bb42db4e40c2e9429f7dc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561fe9ab503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-chunk-common.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 08:57:10 GMT
age: 40243
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"c262969ff89da8a8b3994883a0f57085"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561fe95b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 08:57:10 GMT
age: 40243
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561ee8cb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-chunk-vendors.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 08:57:10 GMT
age: 40244
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561ee93b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /62e7b5df37898912e9609ec2/1g9chssn8 HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Tue, 04 Oct 2022 08:57:10 GMT
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: REVALIDATED
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb55d383eb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exoasdus-walle.azurewebsites.net
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 08:57:10 GMT
age: 40244
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754cb561ee90b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Inter:wght@300;400;500;700;800;900&family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Signika:wght@300;400;500;600;700&family=Spartan:wght@100;200;300;400;500;600;700;800;900&family=Spectral:ital,wght@0,200;1,200&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exoasdus-walle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:57:09 GMT
date: Tue, 04 Oct 2022 08:57:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---