{"report_id":"e1b9661f-1a14-4ab6-9b18-dde95b13a4ae","version":0,"status":"done","tags":[],"date":"2026-06-27T12:12:34Z","url":{"schema":"http","addr":"exodus-authorized.com/authentication","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"185.92.183.187","port":0,"asn":0,"as":"","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"http","addr":"exodus-authorized.com/authentication","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"title":"Verification Portal","dom":{"size":52825,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (6345)","md5":"4ee07de4e448ad967141b8a1af162701","sha1":"dde0fb47fc88db1be2d48425ed446bbcef2afd49","sha256":"4f525b5344f455b7f5f2b28a1e223108fa20480c87c99e4be3745267839c49d7","sha512":"c6c2e370e91038968be1fb7eb7b0ee28ce2d74c42b7cd0509b36f2ea97386200752438c466c091c0d87a9fa780c2d8af6e1cbfcb33de2ac484708dd77d2372bf","ssdeep":"1536:VsIIrvzVhmSf9j7Xtow8wKMI/s+UIiczGIWL605oSDHeiA1rKD:Vm6iA1rKD","tlshash":"4e33d7e551b31026466726ba7bf75b0a37759043e146c9287bed43488fc2ec0eb53be8","dom_hash":"domhash92129cce2ef7ced6bff34d69282f3f10","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"exodus-authorized.com/authentication","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"185.92.183.187","port":0,"asn":0,"as":"","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-01T12:12:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"exodus-authorized.com","ip":{"addr":"185.92.183.187","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"domain_registered":"2026-06-20","domain_rank":0,"first_seen":"2026-06-27T12:11:47.443504Z","last_seen":"2026-06-27T12:11:47.443505Z","alert_count":21,"request_count":7,"received_data":72056,"sent_data":3433,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.251.154.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-06-21T22:45:06.213681Z","alert_count":0,"request_count":4,"received_data":1124762,"sent_data":2116,"comment":"","tags":null,"fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"raw.githubusercontent.com","ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":22021,"first_seen":"2014-03-01T07:08:08Z","last_seen":"2026-06-25T20:58:52.628733Z","alert_count":0,"request_count":1,"received_data":14032,"sent_data":518,"comment":"","tags":null,"fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.exodus.com","ip":{"addr":"104.18.36.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"1994-12-15","domain_rank":202967,"first_seen":"2014-12-27T06:16:54Z","last_seen":"2026-06-23T23:56:47.306843Z","alert_count":0,"request_count":1,"received_data":108430,"sent_data":541,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"exodus-authorized.com/authentication","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"185.92.183.187","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a7c454bb14a78e5ff20a2012e52bd3a","sha1":"c421e161ef2eaf69f689386b1616bedbb636ffc8","sha256":"0c0164cbfaa08d75e5b481dc27cd9955d8d60794b7524bb14ec5b3ecbb6f54c1","sha512":"33d812b08b8403767c49ab553cb138107410474241d52badec88356f0d032bafdd14eee8b4214f10363764991ed922166ada8bcdc997abd7a56cab188a718b4f","ssdeep":"384:UcjtYPuynr4B1Fh2nJk4L9XF4CmDA12aa4ECrK4ATvq4Xc3YFDk2W/7aC40Ou:UsHuJpgAMArK668b","tlshash":"1c62005a25f326355ef334fe63e78146763610076845c9193a9cc2041f81fa0abf7be8","size":15710,"data":"","first_seen":"2026-06-27T12:12:36.733261Z","last_seen":"2026-06-28T05:02:51.822872Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"exodus-authorized.com/cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"185.92.183.187","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.529Z","timestamp":1782562331529,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2 HTTP/1.1\r\nHost: exodus-authorized.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://exodus-authorized.com/assets/css/styles.css\r\nCookie: PHPSESSID=rcigaa0isll3ma2ajvbfal0hda\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sat, 27 Jun 2026 12:12:11 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLocation: https://www.google.com\r\nContent-Length: 293\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T04:32:18.141912Z","times_seen":16845566,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":17,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.154.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.550Z","timestamp":1782562331550,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:04 GMT","end":"Mon, 31 Aug 2026 08:36:03 GMT"},"fingerprint":{"sha1":"5F:07:F9:B7:51:F8:4F:BF:84:9B:CE:9B:35:32:67:B4:8F:4D:E1:E1","sha256":"37:12:27:BA:F4:E4:8E:D1:CC:6E:41:B4:2F:D6:31:EE:8C:E9:A2:B0:B4:B7:4F:2A:AA:B0:9A:0F:EE:6A:04:54"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: http://exodus-authorized.com\r\nReferer: http://exodus-authorized.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 27 Jun 2026 12:12:11 GMT\r\nexpires: -1\r\ncache-control: private, max-age=0\r\nstrict-transport-security: max-age=31536000\r\ncontent-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-sZ7kxiLhaB4gn1BuXmjWBg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\naccept-ch: Sec-CH-Prefers-Color-Scheme\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 78894\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: AEC=AdJVEasKglsTf0qL-ieZRHKfFlRQivJAXulH6C-FZKh7NX2PGDMZ-uuqmeY; expires=Thu, 24-Dec-2026 12:12:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\n__Secure-ENID=34.SE=rphtCe9TZMN2x_iB_VQBY3Iz6xuPyugP2Y35UC9ChdfZxqbBJS44_Su0L-UFpA8jtc9U0zeycM3L5LQW955wnwGd_8Cpn-UgVHoIRVzxIXJyCf5pDm8_71nST08yuq93qFCvzCbHgXGgeifd77bcwbLWCzQbTTjDw315UFQ8Lb2-r8Yo8hrV-_oAnQBEdefDjO9-LQ_0su22pO4TVhfT3M1y9aYvB5jg0IOopMpFa3DBjGhtTwsp_Gbb2tjU; expires=Wed, 28-Jul-2027 04:30:29 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\n__Secure-BUCKET=COoG; expires=Thu, 24-Dec-2026 12:12:11 GMT; path=/; domain=.google.com; Secure; HttpOnly\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":280225,"size_decoded":80444,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (29202)","md5":"351b7f25cb377981e196cd88009b85a2","sha1":"75a4010b1984663075b8dc11d8ff5a65a12f02bb","sha256":"0c0ea7c52f6c917b6415fb7a68b75ca10d4a69947543508c2ac8130934e89381","sha512":"5bb55df3c8e103d73e4ae1424870943ed17ae124ad870827271bfd45274e78895366384bd1f51dd53ced8cfbbf8735434b7327513048b17d5ea7fbc67fd8ce70","ssdeep":"3072:fbuDBKvzHxj2VcIBBcgjJb0ImThRM/YIbWXFhKNs8:fbuDBKvzHxj2qIBBpJ4rM/YI818","tlshash":"e0546c316300b43b78139ae0e27f6f4e3c36e12fdd0a16b8a595ea749ee1cb1152566c","first_seen":"2026-06-27T12:12:36.716607Z","last_seen":"2026-06-27T12:12:36.716607Z","times_seen":1,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":0,"dns":2,"connect":20,"send":0,"wait":102,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"exodus-authorized.com/assets/css/styles.css","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"185.92.183.187","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.470Z","timestamp":1782562331470,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /assets/css/styles.css HTTP/1.1\r\nHost: exodus-authorized.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://exodus-authorized.com/authentication\r\nCookie: PHPSESSID=rcigaa0isll3ma2ajvbfal0hda\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 27 Jun 2026 12:12:11 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLast-Modified: Thu, 07 May 2026 14:03:58 GMT\r\nETag: \"5960-6513ac06c9f03-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 4722\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/css\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":22880,"size_decoded":5059,"mime_type":"text/css","magic":"ASCII text, with very long lines (315), with CRLF line terminators","md5":"08aed8e330d9dafbfa2b598242a2f86b","sha1":"538d2aa1373ca5d5aa266c0fdd3b5ff1f8c4a29a","sha256":"71556edf411cc4262303c621f97eb4ec1a52a743ee1f5d015c5160d375d95fc7","sha512":"48cff33c26a5b739127fbc758b33de0161c9e55c29a9c712e3d7646e306a8c03fe9a53404571e93bdbadd907730b224980b6f576e3e0ed1a0521d8cdf396c430","ssdeep":"192:hnW5nWUnWrnWP7pzXaAjtOwbcfEbC8W5behym9pzrAVBRVJHxTNHGDxuGBz1wBaP:hW5WUWrW9XpRW8WBQYaz18W","tlshash":"13a27519aa112105a237dbb8fbf34709e67890039b0752bdbbc411498ff93689366fdd","first_seen":"2026-03-04T07:07:25.737421Z","last_seen":"2026-06-28T05:02:51.821758Z","times_seen":3,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"exodus-authorized.com/cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"185.92.183.187","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.505Z","timestamp":1782562331505,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2 HTTP/1.1\r\nHost: exodus-authorized.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://exodus-authorized.com/assets/css/styles.css\r\nCookie: PHPSESSID=rcigaa0isll3ma2ajvbfal0hda\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sat, 27 Jun 2026 12:12:11 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLocation: https://www.google.com\r\nContent-Length: 293\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T04:32:18.141912Z","times_seen":16845566,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"exodus-authorized.com/cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"185.92.183.187","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.526Z","timestamp":1782562331526,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2 HTTP/1.1\r\nHost: exodus-authorized.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://exodus-authorized.com/assets/css/styles.css\r\nCookie: PHPSESSID=rcigaa0isll3ma2ajvbfal0hda\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sat, 27 Jun 2026 12:12:11 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLocation: https://www.google.com\r\nContent-Length: 293\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T04:32:18.141912Z","times_seen":16845566,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.533Z","timestamp":1782562331533,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 23:26:07 GMT","end":"Wed, 02 Sep 2026 23:26:06 GMT"},"fingerprint":{"sha1":"3F:87:BE:75:1A:02:3B:A4:D2:51:D2:72:92:A0:00:61:D1:D0:D7:12","sha256":"32:49:1B:26:BF:AF:7B:FB:55:60:29:EF:32:29:9A:C4:37:4D:B3:4D:09:EE:CD:4F:FD:01:F2:1B:2C:5A:85:67"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: http://exodus-authorized.com/\r\nOrigin: http://exodus-authorized.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: DF04:3AAB12:2AFBE7:4B2574:6A3FAC3C\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Sat, 27 Jun 2026 12:12:11 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-bma-essb1270038-BMA\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1782562332.567165,VS0,VE121\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: 171d52cd0c21a7744e05580fa5c5e2ff6a505fc7\r\nexpires: Sat, 27 Jun 2026 12:17:11 GMT\r\nsource-age: 0\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13116,"size_decoded":7162,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-06-28T05:02:51.817598Z","times_seen":265,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":0,"dns":2,"connect":9,"send":0,"wait":130,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.154.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.571Z","timestamp":1782562331571,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:04 GMT","end":"Mon, 31 Aug 2026 08:36:03 GMT"},"fingerprint":{"sha1":"5F:07:F9:B7:51:F8:4F:BF:84:9B:CE:9B:35:32:67:B4:8F:4D:E1:E1","sha256":"37:12:27:BA:F4:E4:8E:D1:CC:6E:41:B4:2F:D6:31:EE:8C:E9:A2:B0:B4:B7:4F:2A:AA:B0:9A:0F:EE:6A:04:54"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: http://exodus-authorized.com\r\nReferer: http://exodus-authorized.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 27 Jun 2026 12:12:11 GMT\r\nexpires: -1\r\ncache-control: private, max-age=0\r\nstrict-transport-security: max-age=31536000\r\ncontent-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-UsqPbqy5Cnn9Zo_Bftk13A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\naccept-ch: Sec-CH-Prefers-Color-Scheme\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 78942\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: AEC=AdJVEavEprVtwxGLbGx1aonSzAFPJI4t2mYWKHjzJux9N_rt6UlbBDeYBA; expires=Thu, 24-Dec-2026 12:12:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\n__Secure-ENID=34.SE=mjFq6iFw3-G29xsnbqMh6XKvVgnK4NHYOyZpZteIrjvdEs9zi8ooHya3r6MMmDOJjYR6Bhjbtbvok2LbYcUbx58uLgpwG5sBXR8YzEfwdU8Dr4bx5ZDAQ8DLYahIAyumXNtfH9ZPH4X7tim4qBLN5LddtdZlM2cXvpl7w943w3VfnLY4A2XGKxP58oDd9SU2kPI187ThnF_vTpIF1jqHHAPpY1OsITGBFxmfi6jxoamSwNrsLJnVrLETt59k; expires=Wed, 28-Jul-2027 04:30:29 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\n__Secure-BUCKET=CPMD; expires=Thu, 24-Dec-2026 12:12:11 GMT; path=/; domain=.google.com; Secure; HttpOnly\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":279348,"size_decoded":80491,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (29289)","md5":"bc43266b3b88709dde755d48f3a3372b","sha1":"85b75efbbfd34eae702f4165ae70e507ec831b57","sha256":"4bd418c1de87a8348756da66a7b8d16a7192ea7a2538769cdc015bc44938b05b","sha512":"3eadc92d82fa8ad4e969cbb4dcfd16ad516427a69b3dc3ec663e3566222a7b0be759f147359b3e99adacc4ab124a134e392712f36986b099826b01b2b2bc40e8","ssdeep":"3072:t/uDnKvzHYPWbILBvSWlk0ImThWwb0IKWXFhKNhc:t/uDnKvzHYPmILBnl1Mwb0Ihoc","tlshash":"eb546b716300b83ba423d9e0e5bf7f4e3c35a11fdc0a46b8a995da709fe1db2112665c","first_seen":"2026-06-27T12:12:36.724233Z","last_seen":"2026-06-27T12:12:36.724233Z","times_seen":1,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.154.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.575Z","timestamp":1782562331575,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:04 GMT","end":"Mon, 31 Aug 2026 08:36:03 GMT"},"fingerprint":{"sha1":"5F:07:F9:B7:51:F8:4F:BF:84:9B:CE:9B:35:32:67:B4:8F:4D:E1:E1","sha256":"37:12:27:BA:F4:E4:8E:D1:CC:6E:41:B4:2F:D6:31:EE:8C:E9:A2:B0:B4:B7:4F:2A:AA:B0:9A:0F:EE:6A:04:54"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: http://exodus-authorized.com\r\nReferer: http://exodus-authorized.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 27 Jun 2026 12:12:11 GMT\r\nexpires: -1\r\ncache-control: private, max-age=0\r\nstrict-transport-security: max-age=31536000\r\ncontent-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-mXiqU5wl0oEr2pbMsXSvwA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\naccept-ch: Sec-CH-Prefers-Color-Scheme\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 84148\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: AEC=AdJVEau0Llj8eeJSB69PmXQYjw_iYMR15mU4aYOmrY51nvi7ckAbOeY2UKk; expires=Thu, 24-Dec-2026 12:12:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\n__Secure-ENID=34.SE=yKHMV2Y8xXcV13n1Nby1ELumr6PJjGKtwsa2G7QgFW2TcKxVOR7FNwUvgsVCujT4o1kfKRB4yP9H_2_RNZ77G7KzBUrPm9lvYSye0LNMAar818sB03nuTBDXvMwneAKxCEZxhlP5Do8haQNQLrkhvgrZ5e2ZcVoWWlShkC08GsuvsD5NpwocvTeBgLPhCdSqkMPiwt6VAZD1CznePoVN2ftGrK0sYaxlAc0jFhtLj-ZCS23KTmTRBmHBq9gT; expires=Wed, 28-Jul-2027 04:30:29 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\n__Secure-BUCKET=CN4E; expires=Thu, 24-Dec-2026 12:12:11 GMT; path=/; domain=.google.com; Secure; HttpOnly\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":279528,"size_decoded":85698,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (29166)","md5":"936aa414db0b7e36caa5ab2740c6d8e9","sha1":"5eff7d7c0e4a82132346caa5785bf0eadb5b079c","sha256":"88d96edda0e4c740c824aa47c9f8beacf9e0971d285c14e0f7da2f1544b048e0","sha512":"cc33703af14ce8e503f0ad00812dd171f57da3ed9fcc04461a7e5f468272dc1d62e185cde9f7c5fcb9a49a914d38da4b96b4c71caf20d7dd50717f47766508e1","ssdeep":"3072:nHuDNKvzHMsmVbIvBVNkLn0ImThnHv/IwWXFhKN8m:nHuDNKvzHMsmpIvBEL05Hv/ID1m","tlshash":"b6546d316300b4376927dae0a17f7f4e3c35e11fdc1a06b8aaa5e5719fe2cb2211665c","first_seen":"2026-06-27T12:12:36.727009Z","last_seen":"2026-06-27T12:12:36.727009Z","times_seen":1,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.154.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.577Z","timestamp":1782562331577,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:36:04 GMT","end":"Mon, 31 Aug 2026 08:36:03 GMT"},"fingerprint":{"sha1":"5F:07:F9:B7:51:F8:4F:BF:84:9B:CE:9B:35:32:67:B4:8F:4D:E1:E1","sha256":"37:12:27:BA:F4:E4:8E:D1:CC:6E:41:B4:2F:D6:31:EE:8C:E9:A2:B0:B4:B7:4F:2A:AA:B0:9A:0F:EE:6A:04:54"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: http://exodus-authorized.com\r\nReferer: http://exodus-authorized.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sat, 27 Jun 2026 12:12:11 GMT\r\nexpires: -1\r\ncache-control: private, max-age=0\r\nstrict-transport-security: max-age=31536000\r\ncontent-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-S_iOG5bCgO7f6bPCRoahAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"gws\"\r\nreport-to: {\"group\":\"gws\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gws/other\"}]}\r\naccept-ch: Sec-CH-Prefers-Color-Scheme\r\np3p: CP=\"This is not a P3P policy! See g.co/p3phelp for more info.\"\r\ncontent-encoding: br\r\nserver: gws\r\ncontent-length: 84519\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: AEC=AdJVEavP5ScFiBvF15n69ZPTwvcVby1iuyXyGUeVHxqjYKr5Eei0Bs94lzw; expires=Thu, 24-Dec-2026 12:12:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\n__Secure-ENID=34.SE=BhVnZEG20GYcaTyEd-1OufbaU8T8iKkZhIvAvGdVTuBJ-cKxcWhg5xgBZZvQVQTk-Rf0ehLTo_TQ2BgZlO1jjAuxIzqj_gZcaYykxLf1G4-GiNtut2Fc1f4al5oc414jly0Sq7uNK5R4w7dAPT_i4nBtbeWZP_zGS6iIFtSN2oia-kOSeS2ZLaomKtIgAv03qT_S2Bv99VeTZCKy3YuqMOyQE-Xpaavp1AOBmLuc2B79JRw76K6ewca-pKjn; expires=Wed, 28-Jul-2027 04:30:29 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax\n__Secure-BUCKET=CK4E; expires=Thu, 24-Dec-2026 12:12:11 GMT; path=/; domain=.google.com; Secure; HttpOnly\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Google Web Server","description":"","website":"https://en.wikipedia.org/wiki/Google_Web_Server","common_platform_enumeration":"cpe:2.3:a:google:web_server:*:*:*:*:*:*:*:*","icon":"Google.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":279462,"size_decoded":86069,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (29264)","md5":"129674605970702fc65f4b856ac67523","sha1":"402838e0908bf4b48ef75e3144fd0b5cbcc51def","sha256":"1b72c6bc962602fd1b7f34386cf47a9cdd0744b187646519e7160d8a44d8239d","sha512":"ffce83ec9ef40ae67ec2a1c95f1cb16a77a3bd502bfe68fb0dfde1d9f8d8c87f189a5f0bd403ee2211324dbbbd3cd4013e044842b7922a0ab2b6bb167055af4c","ssdeep":"3072:z9PuDtKvzHP7rbIkBwKmqan0ImThia7GILWXFhKN6x:z1uDtKvzHP7HIkBRa0Aa7GIs/x","tlshash":"f9545c316300b43ba513e9a0e2bf6f4e3c35e11fdc0a46b8a995e5b09ef5cf2152665c","first_seen":"2026-06-27T12:12:36.728793Z","last_seen":"2026-06-27T12:12:36.728793Z","times_seen":1,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.exodus.com/favicon.ico","fqdn":"www.exodus.com","domain":"exodus.com","tld":"com"},"ip":{"addr":"104.18.36.212","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.920Z","timestamp":1782562331920,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"exodus.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 May 2026 06:01:30 GMT","end":"Sun, 16 Aug 2026 07:01:22 GMT"},"fingerprint":{"sha1":"66:0E:B0:CB:AC:8A:82:17:98:75:EC:5E:B8:6C:41:38:1D:DF:37:9A","sha256":"91:1B:A7:F5:D0:D6:E5:AD:F0:DC:F8:87:5E:D2:0A:BE:3E:38:78:D7:8A:97:BF:59:D0:55:BE:39:E7:3F:B1:57"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.exodus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://exodus-authorized.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sat, 27 Jun 2026 12:12:11 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\ncf-ray: a1245bceaea623eb-OSL\r\ncf-cache-status: HIT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nage: 103557\r\nlast-modified: Fri, 26 Jun 2026 07:26:13 GMT\r\nserver: cloudflare\r\ncontent-security-policy: frame-ancestors 'self'\r\ncross-origin-opener-policy: same-origin\r\nfeature-policy: geolocation 'none'; camera 'none'; microphone 'none'; usb 'none'; payment 'none'\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: sameorigin\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":107757,"size_decoded":29131,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel","md5":"d74e146d71ec3a6053bc510ececfb436","sha1":"c2140bba4c4f7821bcb99ff31ef3d1bc718435e7","sha256":"28fdabf1c3621eba7c57eafcbb6ba5cf6387b2d88f681cfc3e16ac3ce8d0778b","sha512":"e4f365dd4e589e0711cc38826779ca04eef88418330b1f365e2e084c280e60f9020ddd187c13f489c4032d2a3ba45f27162219c253e1de2b25774df53c58c6bf","ssdeep":"768:Dlw1UK6WSEvzpcUzFQQeXTvlcCNd07yI4vKUA/ggg3V7iVszANqMYi1q1SPPFPem:6VN4j0oA/gggFuVPYi1Y7a3bvP0EGEGO","tlshash":"54b35ad2aa5ca057c91404354e26c2d269e35ea8b9d821917be4ff6f1c3c05ba4bf337","first_seen":"2025-06-14T22:30:55.790441Z","last_seen":"2026-06-28T05:02:51.81669Z","times_seen":35,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":6,"connect":2,"send":0,"wait":21,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"exodus-authorized.com/authentication","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T12:12:04.681Z","timestamp":1782562324681,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /authentication HTTP/1.1\r\nHost: exodus-authorized.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T04:32:18.141912Z","times_seen":16845566,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"exodus-authorized.com/authentication","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"185.92.183.187","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T12:12:11.304Z","timestamp":1782562331304,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /authentication HTTP/1.1\r\nHost: exodus-authorized.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 27 Jun 2026 12:12:11 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nSet-Cookie: PHPSESSID=rcigaa0isll3ma2ajvbfal0hda; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Length: 11501\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":47432,"size_decoded":11923,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1262), with CRLF line terminators","md5":"0aefbc7133472e48273499d3b1aca0e8","sha1":"38f63268d2df69d5d82f9259eca463290a946695","sha256":"8a50c40593f525c58ae8744bb0ba3456e1d2134b0075502d7b61696832ced659","sha512":"1466eb29733a725c53938582610c68e1f2033e0af58d830b0b55c25feee854ec5077a60ac641bf3900d4b58e7b1df42c7e710925e59a9508843ee71070785b8c","ssdeep":"384:KST/IOnIIfF0gJL8o4+TM7Er5OhUPkGphyLLj1xZKj2757IC87Y4+fVq2vz41UJd:Zb/IINbJwoLTMyj88s5xxD1J2w1Xp","tlshash":"2a23d8569190112646b767b9abf3871dfb7a4053d20283183bed93464ff2d80ea63edc","first_seen":"2026-06-27T12:12:36.731482Z","last_seen":"2026-06-28T05:02:51.820669Z","times_seen":2,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":3,"connect":15,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"exodus-authorized.com/cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2","fqdn":"exodus-authorized.com","domain":"exodus-authorized.com","tld":"com"},"ip":{"addr":"185.92.183.187","port":80,"asn":0,"as":"","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://exodus-authorized.com/authentication","date":"2026-06-27T12:12:11.527Z","timestamp":1782562331527,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /cf-fonts/v/inter/5.0.16/latin/wght/normal.woff2 HTTP/1.1\r\nHost: exodus-authorized.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://exodus-authorized.com/assets/css/styles.css\r\nCookie: PHPSESSID=rcigaa0isll3ma2ajvbfal0hda\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sat, 27 Jun 2026 12:12:11 GMT\r\nServer: Apache/2.4.41 (Ubuntu)\r\nLocation: https://www.google.com\r\nContent-Length: 293\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Apache HTTP Server:2.4.41","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T04:32:18.141912Z","times_seen":16845566,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":15,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"exodus-authorized.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}