exodus.kyc-customer.com
2606:4700:3030::ac43:de21  Malicious Activity! Public Scan

URL: https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
Submission: On August 21 via manual from NL — Scanned from NL

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3030::ac43:de21, located in United States and belongs to CLOUDFLARENET, US. The main domain is exodus.kyc-customer.com.
TLS certificate: Issued by E1 on August 18th 2022. Valid for: 3 months.
This is the only time exodus.kyc-customer.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious (2 votes)

Domain & IP information

Requests  IP Address        AS Autonomous System
17        2606:4700:303...  13335 (CLOUDFLAR...)
1         2a00:1450:400...  15169 (GOOGLE)
4         2a00:1450:400...  15169 (GOOGLE)
22        3                 (total)

Requests  Apex Domain       Subdomains                                          Transfer
17        kyc-customer.com  exodus.kyc-customer.com                             275 KB
4         gstatic.com       fonts.gstatic.com                                   63 KB
1         googleapis.com    fonts.googleapis.com (Cisco Umbrella Rank: 54)      1 KB
22        3                 (total)

Requests  Domain                   Requested by
17        exodus.kyc-customer.com  exodus.kyc-customer.com
4         fonts.gstatic.com        fonts.googleapis.com
1         fonts.googleapis.com     exodus.kyc-customer.com
22        3                        (total)

This site contains no links.

Subject                  Issuer      Validity                 Valid
*.kyc-customer.com       E1          2022-08-18 - 2022-11-16  3 months
upload.video.google.com  GTS CA 1C3  2022-08-01 - 2022-10-24  3 months
*.gstatic.com            GTS CA 1C3  2022-08-01 - 2022-10-24  3 months

This page contains 1 frames:

Primary Page: https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
Frame ID: A003EF205EB66A8A1BF7E57E287C14E5
Requests: 22 HTTP requests in this frame

Page Title

Exodus UpdateGithubYouTubeVimeoTwitterSlackInstagramFacebook

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 100 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 339 kB
Size: 1069 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request index
exodus.kyc-customer.com/
10 KB
4 KB
Document
General
Full URL
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03a1f215df860219065f698bd2339d527b5444e520a2e99075b66e4112b0944c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
73e5b0828df28ff4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 21 Aug 2022 19:14:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FLalToPTlyugLor8PTEzDTHQIJ32v%2BuPNRyHumDtkuPqQC4WkEMGCIdM2LDpwi5U520MWbfkq2U3%2FHjE6lwqLTfVPQQcOcqwoMC%2BQHb07Mt50TcsTftVCFJ4AoGODd3b4B3pA4zLRBA9O9BVRf5b4pynqzrRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
launch-1610593434831.css
exodus.kyc-customer.com/assets/css/
139 KB
27 KB
Stylesheet
General
Full URL
https://exodus.kyc-customer.com/assets/css/launch-1610593434831.css
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596943c90ccfcab4dc9961dea109a8c69f09660a1b11a25eb89a894d46976947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 19 Jan 2021 23:09:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"22c49-5b948ed165180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnJcaMjDihDjcYhiniJ3%2BkDnh4R%2FQrujEwybNU2mJNR0%2BgfSzSxQp3H5p0wejH4UeOPpDMxlNnVGeM3tASe%2BSZv6jfEhmlyZqTflHyqNhwG9rX9BNQVQ7N7t%2BQcmeSAdujgAxv20PBz5UcZTViHmzryXchlBIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b084c91b8ff4-FRA
styles.css
exodus.kyc-customer.com/assets/css/
87 KB
15 KB
Stylesheet
General
Full URL
https://exodus.kyc-customer.com/assets/css/styles.css
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
826dede365c6976715621a4e45cce9416ee7125f5feeb28e3915b18425d51dd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 20 Jan 2021 21:23:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"15b83-5b95b8ff65000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeNpyrB%2B3OK25%2Ft5hBcDgFUbeqfs2obFPKBupOREOxkRX8k76ZyDJmoRbkdouQN8pr36U%2BhkB5SUB7zaOuXB99aLeL9tmw17l4WY5K5XDa5BI%2FnqC2y8zOkZS5F4BFCipnVrGXYFx1OraGmb8mYWV%2BEBq7byKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b084c91c8ff4-FRA
script.js
exodus.kyc-customer.com/assets/js/
34 KB
9 KB
Script
General
Full URL
https://exodus.kyc-customer.com/assets/js/script.js
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf4cce62c032817a904aea084ca52792b2bad60d28773c229209aed322f6064a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 07 Feb 2022 20:23:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"886d-5d7735e213a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8YD%2BUrRu6YrVPaJ%2BEQk4M6BjI0smq%2BQaOkbu4b37kFTPr%2BjF0mKWD2W07ImvSb8t2SJ0w8SSoNsdkNcSVqJQ0KXoNmj%2BSKsHqLHizc80FiW5M%2BVMuJrB5V7Ak3l4jAqduyy7taLQpT0dGFpwCYCftzHVMA9AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b084c91d8ff4-FRA
bip39.browser.min.js
exodus.kyc-customer.com/assets/js/
341 KB
100 KB
Script
General
Full URL
https://exodus.kyc-customer.com/assets/js/bip39.browser.min.js
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22de204aee9e6bb95349dbf867404d663fd33a4c9019c48bddfbcefc13ee5fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 26 Dec 2020 17:53:20 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"55224-5b761b7634400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVrApwSlm4JQGShgrcNHt478hVnFkx0yNpQb69HCDkAg9mYP7iR0ByJjMoZJkxXNDkZK0b8llKUScbKrlzXY87xO3EaTgwsjmtbHZpNs1SRvOv%2F5qib8quHzlgpnyEUApwFA%2BLo%2BUqg09tEfRWPTVI6SYLDDSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b084d91e8ff4-FRA
300x75.png
exodus.kyc-customer.com/assets/img/
6 KB
6 KB
Image
General
Full URL
https://exodus.kyc-customer.com/assets/img/300x75.png
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1fbcc433aa26d00481b46a374b481f35a2a0de02dcf45b6fb4e630ca32a6a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:05 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
content-length
5786
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 00:42:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"169a-5b8f9c41aa000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8Jdv0mY8C9iEOHfGE1Q5o02YLwMwbGj46EtcpL709klH80iw7qpo54QyJQpCR5EVCmsxo%2B6hUwIgmUgSZIX8RBx0KWvxA85FhF4XIPQ0DrC5uYn%2FbgsbUuwy6ex%2Foh9o9WzRXp10yoyKaErfwu02SGd0rqGbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
73e5b08cfde9909c-FRA
app3.min.js
exodus.kyc-customer.com/assets/js/
198 KB
57 KB
Script
General
Full URL
https://exodus.kyc-customer.com/assets/js/app3.min.js
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1458ea88cb4ecdb29eaf3892b4495eb23af138cb127302240cc2c2239476cf1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 17 Jan 2021 11:19:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"317be-5b916c845f400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIPvjnYMC4ZU0Avpkzp6UhlC8B4L7cBhTa5dbHxiNm0QXqRwCZ7xniE6a%2F555yI%2FXM0qBm4of1KKTkYZwiz%2BZJgGpVq4ORF4KGv%2F0TWE8NAn5ulm%2FnJQuLb%2BeGp9xdi9RZXsjriW7%2FFxp53Idm3uWs4v3ow5pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b08a1a99909c-FRA
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700i&display=swap
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/assets/js/app3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d60621c86e45bd524c151a7959e3b05723f7452c2b16719c17fb106df94a4151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 19:14:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 21 Aug 2022 19:14:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Aug 2022 19:14:05 GMT
headernav.js
exodus.kyc-customer.com/assets/js/
630 B
956 B
Script
General
Full URL
https://exodus.kyc-customer.com/assets/js/headernav.js
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/assets/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d19759e6a26fc37cc895d254c7772a831c3008c0d4dcb1763664f861b25cfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 13:44:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"276-5b904b0df8680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Mct%2F0bTyyeQSo3rcEq4Yxf%2FICZ2719eaXsNApLh8sLeuqlazCtKKiuHQlxsgLAAH3bRtlVzs3GkqlqOMCaoNDnIYulMtsXdCfXjYeVgKySbLwOu0j2ot%2BNsVIlCxkOa8PycuniIJSnw2xF9jiVw8igQ09LLAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b08ff980909c-FRA
subscribe.js
exodus.kyc-customer.com/assets/js/
2 KB
2 KB
Script
General
Full URL
https://exodus.kyc-customer.com/assets/js/subscribe.js
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/assets/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd8f40dc79d5bed1ddf9574fa322de998e4bdf3ae36519874b57c954f59ac68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 20 Jan 2021 21:20:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"86d-5b95b85974880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYhFWxWANBMGTuALoVc%2BXYJ4tx3JnM5rLaqaXXDpTArl8lo3nI3tM3IKR4RVquzlpMzxDv0m8bpQ9sZ%2FT%2Bfb7ix5keRfOaHuvR7KicyZWqOCNpcdJVYBiBLBjZwgSQd%2Fb5V%2F56WVN0MjnYzdwVA%2FZu%2BV6NaCng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b08ff981909c-FRA
bootstrap.min.js
exodus.kyc-customer.com/assets/js/
72 KB
17 KB
Script
General
Full URL
https://exodus.kyc-customer.com/assets/js/bootstrap.min.js
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/assets/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530f7ab5152dc51b18a96c86b677336a42623e93405c94aaaf156d98c6dcb9b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 13:40:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"11e8c-5b904a2ecf800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jc3Kgr5OgZLE2MeQcWRWJDp%2Bzj%2FZfWbLN6VhwRU%2FEE91YK%2FPqi%2F%2Bk2iiBuPnG9fMLRalwBAY2ayAE3r%2FRU%2FMIWaT7EyIC7gKodYHNKogVWXgD%2BIskCc3eChNGLz8y0unvZp0EShAfss8pf0guv4DKce26czkeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b08ff984909c-FRA
fancybox.js
exodus.kyc-customer.com/assets/js/
81 KB
25 KB
Script
General
Full URL
https://exodus.kyc-customer.com/assets/js/fancybox.js
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/assets/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48bdc4f121f62c4a802551b8de6132bf59b1eb73bf65c565e1716cf8e59513a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 13:45:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"14590-5b904b341e080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbsQ0sVTixRWdppugBfcHNYMxL5lyndS%2BJ6RQSpJx7hLrOTeJRBo%2FT3Mva3eONoLK4cFQEwB2QyHoPQbmO3Wo8MB4%2Biy34726Ua%2FD2O9S9M0ZRZ5QSYEjeU0VWo4%2FdMGPt0TpMfE2HuAZW%2B1KmMvyZ6IBotSKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b08ff986909c-FRA
fancybox.css
exodus.kyc-customer.com/assets/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://exodus.kyc-customer.com/assets/css/fancybox.css
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/assets/js/app3.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a4640a37e2e17f23477d0fe7e5d9b35226a818d89247d0f6a21261c338d46d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 13:49:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3cee-5b904c115ea80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIKK6c%2FAmpVK8Vbd5UA3y8DzLj3jfNxPpI2DSecPaE%2FcTW4QIPC01CHDI%2Bm2gKJ%2BCKHsSUuQXWj0Pk4Uri%2BeANu%2ByHkaxxKiaVLjP6UakCDHifQd4luFcpij5gj3LtlDtcU1n03hvQvGwFw0ht%2Bvgc6y%2FnLORA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b08ff989909c-FRA
search-icon.svg
exodus.kyc-customer.com/assets/img/
1 KB
1 KB
Image
General
Full URL
https://exodus.kyc-customer.com/assets/img/search-icon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
141ac3229fb5801ec2cff4272a3b7328675d717649be88e4f86616f3bcbd3e28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 22:39:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"516-5b90c27ead200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqSzIP1hwOFt3Xk4nmKcoCh87DnsSRdJ0DT1XJnR5%2Bo9XMcERqCk8KiZxF1x%2BqPa24rVuReTTHZnHeagrXeHvjPcqBETg3zMM3dXB28rs7ev4412NGoOZgfwt4UBc4qpnujFWxSZSBAiti4T2gDkYmuSS4uvPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b090098e909c-FRA
x-shape.svg
exodus.kyc-customer.com/assets/img/
475 B
1000 B
Image
General
Full URL
https://exodus.kyc-customer.com/assets/img/x-shape.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ea43e9d78052ef96915b4bf3c65d5679f2e444e9dcd260bcb94ae96a8351253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 00:52:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1db-5b8f9e6cb3d80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2F%2F4qtrN7CDkkYv0m0RVzeapKYW9WBtMGiWUywUw0W6vfRzpLzwQlpE8a9SSaN7ui1cnRkTW5BN3x6UQ2EuD%2F61KZ%2BIhXs1VziG5jtxf2FaTenlcIWAu7E%2FbA4%2FxECvctrZxiLmP11tRH9MoKMqdxm0Rc8kMNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b0900991909c-FRA
exo-logo.svg
exodus.kyc-customer.com/assets/img/
2 KB
2 KB
Image
General
Full URL
https://exodus.kyc-customer.com/assets/img/exo-logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9d53818b778959978fe35371fcf4aafb3dd9855e72fca8b9b6163672a5e09e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/index?userID=esitarski06%40gmail.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 00:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6ee-5b8f99db7f700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVyTaVVOYTJZqIZni5DtZ6HcZbAkO%2BmfJpgz1t0Y3NDlNcWosDi1%2FVEI8gDX7nSLz01jis7xRH53QFNfyRJxapYKXkjFZM9DCnkAGgEtNFhvAlEw3%2BtTxWYIuqKQ8nFMM75qZWP9kaWGeaTePug7OErUJd9rNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b0900993909c-FRA
logo.svg
exodus.kyc-customer.com/assets/img/
2 KB
2 KB
Image
General
Full URL
https://exodus.kyc-customer.com/assets/img/logo.svg
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/assets/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f9d53818b778959978fe35371fcf4aafb3dd9855e72fca8b9b6163672a5e09e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/assets/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 00:31:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6ee-5b8f99db7f700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zvo4NyOZEGmkDEwmhxK2cCnJKc5dfOewYNHsf%2B9mUP71hW08iIrUAtQrLi%2FqnWRhj2YasH%2BUBrJQqH8oVrdMPITBor2NSIY%2B%2BvT4i0ev46IDrwS4ztgUbNfGqExkZlFNpJLlFGBYihen%2FWqiVaKrpUFf4mX4dA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b0900995909c-FRA
nav-icons-sprite.svg
exodus.kyc-customer.com/assets/img/
5 KB
3 KB
Image
General
Full URL
https://exodus.kyc-customer.com/assets/img/nav-icons-sprite.svg
Requested by
Host: exodus.kyc-customer.com
URL: https://exodus.kyc-customer.com/assets/css/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:de21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18db3fbf6bee5a717f800d5ee8a6b25f343b5964310cd413454d8a19cd458f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://exodus.kyc-customer.com/assets/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 19:14:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 16 Jan 2021 00:25:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"120d-5b8f9865a8500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1p6FKqP3ypH0BUsqRw87Zt60ND8QYBQqlsykr1wIL9PDADPFoSF4o1YX48ZR%2Bf9%2B1%2FXS3zrcJZKeRJ9eyRcUMmn99j3NWCHOHIiQgdaJdFjOymVLGuSjlzv2aZnJ8T944mlYMFApTUQqyM8qJfvJlcyULcfaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1800
cf-ray
73e5b0900996909c-FRA
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exodus.kyc-customer.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:39:45 GMT
x-content-type-options
nosniff
age
527660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 16:39:45 GMT
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exodus.kyc-customer.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 19:47:13 GMT
x-content-type-options
nosniff
age
516412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 19:47:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exodus.kyc-customer.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
518770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 19:07:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://exodus.kyc-customer.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:56:05 GMT
x-content-type-options
nosniff
age
541080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 12:56:05 GMT

Verdicts & Comments


Malicious page.url
Submitted on August 21st 2022, 7:16:03 pm UTC — From Netherlands

Threats: Spearphishing
Comment: Phishing for 12 recovery words for cryptocurrency wallet

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| goToAnchor
object| bip39
function| validateBIP39
function| _toConsumableArray
function| _slice
function| css_browser_selector
string| url
undefined| rewrittenUrl
function| containsAuthQueryParam
function| rewriteUrl
function| $
function| jQuery
object| ParsleyExtend
object| ParsleyConfig
object| psly
object| Parsley
object| ParsleyUtils
object| ParsleyValidator
object| ParsleyUI
string| inputEventPatched
object| parsley
string| c
function| initArticleRatings
function| initDocsWebSearch
undefined| noddy
undefined| remotes
object| bootstrap
object| jQuery112405317537414796607
number| currentScrollTop
object| navbar

1 Cookies

Domain/Path Name / Value
exodus.kyc-customer.com/ Name: PHPSESSID
Value: di9v3rkf1pclfjddtcih9mh04h

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

exodus.kyc-customer.com
fonts.googleapis.com
fonts.gstatic.com
2606:4700:3030::ac43:de21
2a00:1450:4001:809::200a
2a00:1450:4001:828::2003