| synchronizationconnection.pages.dev/suspendedpage.html |  172.66.45.18 | 308 Permanent Redirect | 0 B |
URL GET HTTP/3synchronizationconnection.pages.dev/suspendedpage.html IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /suspendedpage.html HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 308 Permanent Redirect
date: Wed, 08 May 2024 17:53:37 GMT
content-length: 0
location: /suspendedpage
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hb%2FZ75tOybNol64TJ1dnNXmwDQfJJUh5RC7MSVbgqAQiwcRzykG1csrQQiLpum8d9b6pRZviAbwqXtnrZpEIvIq%2F7%2FnanXm5ByCwt1y0iaKuQrFOujde0nZlzD7kdlAb17dxCfYpwNdfYiOEc2frl4KvHONvyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70bf427129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/metamask-69ce6b56bbc9953dfb4aecebdf88729b.html | 172.66.45.18 | 308 Permanent Redirect | 0 B |
URL GET HTTP/3synchronizationconnection.pages.dev/images/metamask-69ce6b56bbc9953dfb4aecebdf88729b.html IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/metamask-69ce6b56bbc9953dfb4aecebdf88729b.html HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 308 Permanent Redirect
date: Wed, 08 May 2024 17:53:37 GMT
content-length: 0
location: /images/metamask-69ce6b56bbc9953dfb4aecebdf88729b
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LM0yOhzh87cMw0Q682NfLsG06typIu1mBXesYVRC8x2067N%2FZFsE7Air9vIWWUB1fOF9SbGDlC4oGPIlcHQoAEztMk9iuiLl7RM1pOelTs7ZEV%2F7ZNb6U%2Fg0aP6gmyL%2FbUs6aI8aEZnCnYDWT1mo8reirHoDew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70bf417129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/rainbow-207dda8d66f8ffc00a21e4fcc5ce0a73.png | 172.66.45.18 | 200 OK | 22 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/rainbow-207dda8d66f8ffc00a21e4fcc5ce0a73.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 420 x 420, 8-bit colormap, non-interlaced Hashb2521ef2692ac7c8802b1d17d494f2e8 ba4a36fe55376d0b43410230ece5b99d7e57504e 2e4a7b4b020e2822694880cdecc65e35972e7f961db8596912f92b8fe2af1d40
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/rainbow-207dda8d66f8ffc00a21e4fcc5ce0a73.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 22036
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "5e26af44f8b5d24b9993e69b235004df"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qvkC9Vrz%2F9rUrZmZscfJLPHXVakSX%2F4Iu41H0gqz5FzXDNlZVYIaBukdSGDZR%2FQ0VTulPu8G58aZ3zbQIGzratmEod1QcwqJJZdkrmwgy8tQGFqzhESG%2B3abIftBIWpDwkuncTsp4xl%2FgO4zp4UPVIdTTCBxIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70cf4c7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/crypto-4cbeac57421fb3ca2573db2cf448169a.png | 172.66.45.18 | 200 OK | 27 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/crypto-4cbeac57421fb3ca2573db2cf448169a.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 1024 x 1024, 8-bit colormap, non-interlaced Hash500937c7bb85e0bb58e5043461f80b9f a4a541efa9c55735354bc8ba8b929abfbd947b38 663d35a3d897c47e87516ff63f3913ef3025c3b13b01ad056d00ba856172d8b7
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/crypto-4cbeac57421fb3ca2573db2cf448169a.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 27261
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "12d8c15829360d3f162081506309227b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lGiEhcqpmwP8IINYR83AtWs1ZweP16Z6phZyNlQYIC8Dcgc6b7M7%2FvSkMALXSuYuJWEULy5n5iVhmCxLem7HPVjO6r9ZfHXqKOXk6PbhVt%2BRu%2B87EFqjlhakUBb%2FD6Ks5YW0VpyfRi55OdwrcZCcEOeGNPgNww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70cf557129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/anchor.png | 172.66.45.18 | 200 OK | 4.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/anchor.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 360 x 300, 4-bit colormap, non-interlaced Hash0262f0c64d1dee169d7f0efb5ab090c5 2f871b600cdb960fe88d65e09559d93ce89fb648 02aa8d821fcaf612c624e9fe5244895feedbdfc5784642799d745e75ca4ee86b
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/anchor.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 4586
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b15cf55597eadbdc5d8600c1265031fb"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lezF%2FUC9%2FbHGiSgDPvrkDRffgduP3qGObTC6cfwdpdrfCP3lYKxIapUdA4HXbqfAT6NPg8X9E5H2mjzFRDSVBLsBUxBDhsK1tRuBTGd51P%2BhSJ3WUNmEBt6Lhfe8fYpb3PyZr%2F7AKBP8ASuPVVf5jwA6KJ3pgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70cf5a7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/tokenpocket-57a4a886cc644e5237ac1558226154cb.png | 172.66.45.18 | 200 OK | 6.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/tokenpocket-57a4a886cc644e5237ac1558226154cb.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 1025 x 1025, 8-bit colormap, non-interlaced Hash442235cb72d9e15c295369041e396e73 726d60d9c09f48b8268b0323b4f41845c18c0c6c 7d29d77c8e6e0425979ff3712689a22bc8a8c07d2653da57c620a828b5944203
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/tokenpocket-57a4a886cc644e5237ac1558226154cb.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 6590
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "65d3d7e5f3c56b85dd17a146e822123c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=brTg3tzncb3hLNV4BjjwAHrp%2BxZ2Rj%2Fi5VWL3f%2F0lKXLePAmTXscz1%2FFIxT99SVTMlM2CNQYMtJP3q4lKwMpGG8OCzNr8WdR0TYUExrLBXQK7r2fr7G49K8OezhVNKNyQ7p4cBWC9fCeXE1YSLOKdpEgX%2B9w0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df5e7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/metamask-69ce6b56bbc9953dfb4aecebdf88729b.png | 172.66.45.18 | 200 OK | 9.9 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/metamask-69ce6b56bbc9953dfb4aecebdf88729b.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 256 x 256, 8-bit colormap, non-interlaced Hashc4ff79e07cce011b60eacd026fa3ca7c fe03e0d06bb5aadf1a060d3b99ddc943d8810b4b 481ab42edaa77e032a7a53e2ae191a1d8f39932cac86e61ddb297cc71802c7bd
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/metamask-69ce6b56bbc9953dfb4aecebdf88729b.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 9914
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "4f651d53a8a7bec322a5f9c9e1b9c2c9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZC71QxCmVEi%2F%2F8ifq2KA50w1ZZXEVFbA7Y2%2FrT5VPNrkP2mWGaRgThbimTiAsBt33NFmVCa2ZIb8iUUjEskYQvUjPMuorW1U%2Frigd6PzG6uVWghciHFI1vweXzw7Lf1xEuwqbaYNpm66%2Fru7LOnMHyJyHFGOKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70cf4b7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/imtoken-fd8c7c52dac6101568954e7448a49202.png | 172.66.45.18 | 200 OK | 16 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/imtoken-fd8c7c52dac6101568954e7448a49202.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 400 x 400, 8-bit colormap, non-interlaced Hashf0df9d44f9959b4f153a81fe5050e051 18baeb6efd7b6f929432a2d20fd5858c225c2c1b f0c3ec0a5a55984c9d9f25774bbea242596b5d976a65579f6ebaf82002a360c6
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/imtoken-fd8c7c52dac6101568954e7448a49202.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 16524
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "694b5f6ea2650be5add9fac84f5d02ec"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2B9bXzcMygIOIIiTNG1rIV%2B1soEEFbpW%2BHVNHL4ziyv3VCdyW4bZAS%2BGNVwmBlJzrPGRpVxwsXUr5r6ZhgY436RDfql2Dcx7muiFdIeZTgZ406JX9N4CsE1rLQQtiLNEYK5dZS2GIrODqStp450AC6XgQgK1Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70cf567129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/iogo.jpg | 172.66.45.18 | 200 OK | 39 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/iogo.jpg IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 78x78, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 1280x789, components 3 Hash854a424ad9e76ec0e4459288718b8f95 d8c3718ff43bf84b84bbd23f5f72223110817cf1 3909d0caae132d70a750dfedfe1383bcbc2f8f23b8e39d35e74d5131ab3eb58c
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/iogo.jpg HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/jpeg
content-length: 38639
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "05079f7c26b5892ba3526529c9772595"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F02hx%2FgP2K9W6FPtQRz4LVpbMq6lUUjTurcjS%2F14oadB%2F9BBmt8wOQf%2FeO47Ed30R1Uv0%2FmZRpZapc7K0Nmbd0nQUhDTN9S%2Bpz1%2Bq6mYpfhTC23oR1tBlludV1JpjO2OPU29eR2lwkmIjsryH0hAVtWzwo5gVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70bf477129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/maiar.png | 172.66.45.18 | 200 OK | 36 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/maiar.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Hashb0877d28e416ec23c239a7e10e2f397f fa9125bacbed52a0b96bc27be6b34dfa18451644 e2a3b0d3f1792998c5422fd090791ac37fe460fb86f3f0127f170ae74557e6f6
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/maiar.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 35963
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "8a42dc1d64426c53f8213177cd5c96bb"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIVZag0iAyoWleepd2XRhBLiot0L3bk7D5crqzma4dRRg2RTGY5QCJT0oY2CViyyQNVqeDjstadjyPeZLvKyClsKRK2bKaYTKFifBk9zTwxcOsVK22peFwi3Jg1Ooe2YTBQnTkCpZZqCbJK5E4rEYOgUFRwxAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df6a7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/walleth-b60336f8dd9ea86285408cb4f96634d1.png | 172.66.45.18 | 200 OK | 11 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/walleth-b60336f8dd9ea86285408cb4f96634d1.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 256 x 256, 8-bit colormap, non-interlaced Hash0332a155bdf19b17b6a8f3d51441a11d 0acc86472737ec2cc4b8d5e8293af973bf0c9e3b 37d02e6539ffef6542a6d5706b7739c2a6daa87a3407837e34a2f7b985cf449f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/walleth-b60336f8dd9ea86285408cb4f96634d1.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 10649
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c31362fd1c7419a07ba419029a258a7a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bp%2FkE0Tscv7SmA%2F6o1VUNQDYGPH0lqU7zBwg3w6j8sLJgiryPpvs5MTJilwvnh7xr9F9iiTSn8AveUVvS%2Bj9fo6A6HecSn54R3I3kkB787v%2Fm7uGlqj%2FGCR0FACCGgWLQtJhB11us9fZzgIWJSLzLYGQmgxSmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df6d7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/authereum-32f3939207b77c1837547d5ed4f86110.png | 172.66.45.18 | 200 OK | 7.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/authereum-32f3939207b77c1837547d5ed4f86110.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 596 x 596, 8-bit colormap, non-interlaced Hash3bf9c889b1978ce4246a0770a9330dbc 602d749051e8ab141f848ac779356bb72080d5e1 536118ed978930e9f559116dbe47e2d926bcbcdc68ccd66c09f35a233aac7180
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/authereum-32f3939207b77c1837547d5ed4f86110.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 7633
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "66a9612d1709a9203cba751ce2e285f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmloBpwKN1hT%2F%2F7EI0Mtn%2Fz49mkP05%2Fsv1IGn8mwjKxwicGtXltl7X5Sp%2BsjOsQubFSyNlf4n3dcMYQEWCBfnM2ylCF5Rt%2FN84M7t4xQMcafEx17PDC57TTepp2hnToS8vF6btr%2FYUowF4ThGmDigti9t70wzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df6f7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/iconex.png | 172.66.45.18 | 200 OK | 6.7 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/iconex.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 512 x 512, 8-bit colormap, non-interlaced Hash3b93d9538fe6a4f5d74238ca23e37070 037afd5e7b59d8d9427ef086d5402e5a50355f28 038d9256ead54592006735be4fa78312b0609bb222d141c09c95e8201fef347a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/iconex.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 6694
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "3638c186156c59bf078cadba7c550710"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2B4VbJabmpOIy21MfL1y2CUQJy9yFfuRDNtZLd52OfNkmIhPJaJpc7pzeV4Q1XqSNW8Ue5oYdeyGInyqs9WihtIJ%2F2Sn0cqvssfD2O0cpzBywIT34OucN%2Btv0jBZp0KfC2KSsQLSJn3hPThsGhuqFW3EY1OU5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ffb17129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/onto-983003d35fe32bf916f9eda381f138f7.png | 172.66.45.18 | 200 OK | 8.4 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/onto-983003d35fe32bf916f9eda381f138f7.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 1024 x 1024, 8-bit colormap, non-interlaced Hash9747beb608ad621d9602901df58d7d8e 59f8e6d6874a8214caf31036b2584afcc50e835e 10340ccc4fce1c9ad810ff8aae7405699f57a7f41f411c593b7a6962ff945975
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/onto-983003d35fe32bf916f9eda381f138f7.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 8388
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "23b9951802a7d44f24a03586846d51ed"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GS8ahbwLz9Gt6eG0QszV1eFSpTClrIZcDm5in69O9VNjqxbV3vhUtVEchGQ04szcGjfs35TTvqzo9o2BRZeBTC79N57Nrar1nehSZQTwyCEZ0T2lOaXVVJfes8nlJfwFe5bH7UdPi%2Bl9v2kpl%2FK5cDy5DcCUEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70cf5b7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/math-wallet-9e2256cfa5aad3b33af05f3fee4dc9ef.png | 172.66.45.18 | 200 OK | 31 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/math-wallet-9e2256cfa5aad3b33af05f3fee4dc9ef.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 400 x 400, 8-bit colormap, non-interlaced Hash8ef1856a4f6cb16038b2608bf32c6bdd 477f99be9dd16d7ad84ec6f0451a9d9baea92391 d5d2cfce4b759fc1d2e19f4d2b5800935934defaf6cb7eb09550aeebb8f45405
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/math-wallet-9e2256cfa5aad3b33af05f3fee4dc9ef.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 30923
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "8e386b5077220ffac49ab102f44a85da"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jp6fe70dSq0EkAupcUH%2Fb8Ds%2Fjf8vWcYDSdgUi4gwz1MzKcLRYt90cie28uJgi9fd4trqLVLtdyxHQbSUhmGV0SrAdqS81SNiUz9mnbD3GecQHYZCBYtHOljtPkkTzQt2nf6UIUFd15pRlNs1ZZU3b%2BiKqN2NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df617129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/coin98-c5b50adaceaf474e48ef1dad150d0829.png | 172.66.45.18 | 200 OK | 63 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/coin98-c5b50adaceaf474e48ef1dad150d0829.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 560 x 559, 8-bit colormap, non-interlaced Hashd26fff041871f323018c7b301a694c7b bd6011749dbffcff4609af30450c7a4eac94c79c 2a35248b8c44e32680931b3218a99fef1ffa8b7b8a8770018c5e885d49500f29
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/coin98-c5b50adaceaf474e48ef1dad150d0829.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 63204
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "4449901712f50802b0aeb985ced3752e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TSBPDZvCQB%2FL2vHEUdWU1cLsl4qL9yIAPA%2Fq2csATlb4WtmxOcHWpGo6pcfQaLo6a6YeMokiEnqJb4PA%2FQZFVxfGWDvsoB1Dhy%2Bw9dlSWgBcuCeA66141a%2BeBENfrQUPwaJGF43Mp41hd608K71U9%2BKRyAHpvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df777129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/dcentwallet-f0bdbaec0837431b87ac9886bb22dfd5.png | 172.66.45.18 | 200 OK | 8.0 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/dcentwallet-f0bdbaec0837431b87ac9886bb22dfd5.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 512 x 512, 8-bit colormap, non-interlaced Hash47e2ad4467a524690e3a9a199cfea8eb 5c3d98c88e570f9779d3ba328c11442cf20b8921 1fcbee125b4a2221d3828710e5534d4259c6df3fd9fc84d63d9a12b338fe301e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/dcentwallet-f0bdbaec0837431b87ac9886bb22dfd5.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 8033
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9e0f157a2569390f6047d6ad17ae23cd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bB9qaUgG9rIPabyI48EcWqzY2Q8Qa5%2BoirKtpVmuUNLZ859D2wbIUquimBXVkumD7H4nR2ZbckZHGuze8ErDLaJj1l5VsZk%2BkWzA31mGZmND9r0d%2B6tQw70t6U5ghgA4vHcb93IdX7Gmf8MOUWEtWI1hce%2BZYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df7b7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/infinito-wallet-68da061495160c96f4bcb5e70e612fdd.png | 172.66.45.18 | 200 OK | 5.3 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/infinito-wallet-68da061495160c96f4bcb5e70e612fdd.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 227 x 228, 8-bit colormap, non-interlaced Hash1b7bc4d69d08a6c0ddf62b97296c0f36 93f5777cb640b1967e29e5bc057cbcd9ab55919b 6410f0205a4c47eef380a616cdb3facabc8337846ec06394d36a3f6c2345601f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/infinito-wallet-68da061495160c96f4bcb5e70e612fdd.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 5332
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "87026a500fbcde4c520a77c30897d265"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCiuZuqs%2FUORFPLA70RHHMuPIDBkHcwy5nd6nk8E5pko2a1sOJRq%2FzvO53BRVFZAgIGnbpEfXGEDOfj8vut73Kgv8DaREj4R%2FXFnroGp4ZJ4CfIPljIHrt1TbCt77dRtKUoUw2db66eYDtme69H7KRhth2l1Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ef8e7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/sparkpoint-5c0d3a4ab850a7ee2a3f03e215b68f2c.png | 172.66.45.18 | 200 OK | 17 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/sparkpoint-5c0d3a4ab850a7ee2a3f03e215b68f2c.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 1024 x 1024, 8-bit colormap, non-interlaced Hashca3fe0eed06b6231639c5ee96fe85bbb ede1e38841e18072b65b0c4160bcb99272b86ffb 501f77f1bf6b2df8fb07504bfd369de4406276e886ee1c4b2adadf5dd11a34d2
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/sparkpoint-5c0d3a4ab850a7ee2a3f03e215b68f2c.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 17260
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "eb6318ee01572324c965ad58c8b2e3e2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qFra6mr9hDsBoQuUMgXXW651UonkQnjmDpNPY6AxUZbtXYhSBHGvq%2BYIwjWkg2Xfg00JnVjTII7CCI%2F%2Fis19tbwqt%2BhYWf1zdR7jglzlYTppqkOF0MDyXfdEWMM6wgeVYaLcXbYGP2nH1vytsWO%2BJT6esyOew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ef997129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/vision-928292fe642172a18e62feb5eaa2d639.png | 172.66.45.18 | 200 OK | 93 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/vision-928292fe642172a18e62feb5eaa2d639.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 1024 x 1024, 8-bit colormap, non-interlaced Hash3b090704566275aaddc163286674d259 b34308c27d71a60099928a295cc325b693ee3255 9843c186d2321c9f833fbecbf153a22b1e7644960573f5e8b95868cd3401a61f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/vision-928292fe642172a18e62feb5eaa2d639.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 92570
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "2c064a24d22ec3cb1f62c2624c167c3c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UbCbw7DNInsekP2M6FGL%2Fkz4FczjCxPuK7agKgo%2FzWIQgbaKPPf1%2FxvTy2wlmttPB2P6Ij96mliCYTuj8hzp%2Fnm8yr8oUsDl21nSCy3vEr7vbK2AvZVS425fxu9BGGwozn30Sz%2FIAZWWbZYBbnjeeFIpd2dUvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70efa47129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/harmony.png | 172.66.45.18 | 200 OK | 68 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/harmony.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 2000 x 1995, 8-bit colormap, non-interlaced Hash6b180c21bb489df15ab322b75cfb5f3e 4ab3a4753478de2ecc6bc6300c99212f960736ad b9fa237940121a5a9ee286ec1faf16f1013e33681c55bb66808808b3eed86fef
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/harmony.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 68479
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "489e11d4fa19dd289537c49f04f44b68"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v3dSK%2BGyYGu5zulw6W9wO8Ks%2BrhbRjgQpPM1gPTIkvMWqSglc2P8RCc6O2MQ1IoC946Q%2BRPJENQ2UQSmMM8Fi5gwsLP7MzWI5Fq%2B4jtQ3ULAMuwYgSpFI9L66ld0kbkBsu0FR241XIjaehzHFwFgae2mUW3FOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ffaf7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/morixwallet-aa7d607cf9ad52afeb3b7c83e5f34eba.png | 172.66.45.18 | 200 OK | 23 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/morixwallet-aa7d607cf9ad52afeb3b7c83e5f34eba.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 512 x 512, 8-bit colormap, non-interlaced Hashfbb73aee20a5a62f0d3194549d1f540d b929ef44db26d0c4c7b3d05c14abedbf7216d014 d5434779dbda107074254ac1d5796197c5611f3e9481d45dd2df52d7d85c6912
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/morixwallet-aa7d607cf9ad52afeb3b7c83e5f34eba.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 23228
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f7ac4ce400c22e57284959ac2e250a9a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxMkoTO6gi5IW7GNUHcouFgA3foNDOT1gBbxKSXHBxA8qkfJOM1B2Vg3%2Bph8Wwq7ys0p31cA7BBzAfJGJKM0Pix96sbyW1VLDA%2B2M6lWvf4c0N%2FXRStPoEmRRA48idDeUedq0Z%2BpDt5PY%2FI7bqa9VtEt7cf3nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f710fd07129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/aktionariat-c5784b26234a389632687a36d2fb3258.png | 172.66.45.18 | 200 OK | 26 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/aktionariat-c5784b26234a389632687a36d2fb3258.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 512 x 512, 8-bit colormap, non-interlaced Hashe8e7b60e78fc0239336f5188667d0281 216fb719dc1e60ddf159f58af7a8f27bebdbfe85 8b2480d2c4cfbec760ef72c539d35415d27d11ab0d8bc719bdb7184b86b4e05f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/aktionariat-c5784b26234a389632687a36d2fb3258.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 25942
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "eece775a4f5adea57e34b4cf98fec694"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjkRAaN5A%2F80pAkFUVn9zHUjQvGqGmUpXmRnk5yX7FoJL4z%2Bf4zy5q30hbjiiViEwLfNjp2%2F9wJVu9N3Ej2EIw8wrNpveZpIwqxE%2Fz6qvW3CfdFG4eyp8Gfy5hJciuNvmhJ1%2FwEzxerXtJwQUKyhNoz5NX57ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f711fe67129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/cybavowallet-16e7e96f2e3df01fe2170da5267774b5.png | 172.66.45.18 | 200 OK | 140 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/cybavowallet-16e7e96f2e3df01fe2170da5267774b5.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 1024 x 1024, 8-bit colormap, non-interlaced Size140 kB (140157 bytes) Hashe32f670b6af5624d8724e2196b3d4379 4d83f118b5c7618a80d9109c5d843b2891789f00 b690836dac57a2a985b8bf613d478e1b554fcfdf7baf42c4ebdf49b298fe15eb
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/cybavowallet-16e7e96f2e3df01fe2170da5267774b5.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 140157
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "edc47741ea7eb64c51d4a0ba8b6adbac"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dv7hRud%2B69IBooThX%2FHDcDdN9U0p%2Fe7j%2B25MTX5zT5%2B2Wy7Z%2Bfz%2B94aqQslHU8CR%2FueNO%2FLZO9JcjEMW%2FgE%2FUUcfwTPxYXHzAtGfWo9E5bufJUI6so3GwhCQgHveJ9Be633FKStVXk5UfgkkBbp1a1PqEeluww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df857129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/coolwallet-s-cc612ee7a151c1863293fcc69dd0f677.png | 172.66.45.18 | 200 OK | 4.1 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/coolwallet-s-cc612ee7a151c1863293fcc69dd0f677.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 346 x 346, 8-bit colormap, non-interlaced Hashab8305fccae0ad703631eb8edd7432bf f1cbee5fc46ba2cabca26357cc00c999d0edf7d6 3d259a231e036c77da9eb5def6ce778085eda636fc627cfdc608b3eaa9e9f804
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/coolwallet-s-cc612ee7a151c1863293fcc69dd0f677.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 4064
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "7fcf4ebbf5092489fb021e9d9e116180"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoNM3kx%2B2r%2FmGMU0rKybE9tMrM1u66UiWl3TFqaxfYGOyC4fgnnU0Q9bYkleS0DSPrzsEhWsxW%2B6Tw8BgENnMrkt8R08OFKmDqmo3G3jSfmedosL6p5gpb8Qm1IgHm9hRQsfGRzZedrMUMo7k5O%2FcdaOJdJhsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df7a7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/gridplus-8cedce167d37ddaa02f2afdf55841d8c.png | 172.66.45.18 | 200 OK | 11 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/gridplus-8cedce167d37ddaa02f2afdf55841d8c.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 400 x 400, 8-bit colormap, non-interlaced Hash7eb9fb15a7d94157d461824e8c6c9fe4 0f10545dd2d557171450e84343d952c45f93123b 1aa5719d35592a108d797be1d29cad8b08a9f8741ed5fd1df611c95df088b1b7
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/gridplus-8cedce167d37ddaa02f2afdf55841d8c.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 10787
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a24fc1c2b2f06f337c02aaa730fc3a48"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxBwinijhzy0%2BaKaqUcaFZDAAWyFtdL246wJfIwUt%2FVMmO3SFien6XlBwQhLj5pJcYpibT6S%2BIEqRyhiEPO2EL9UnNLUUuTLQfTNrdGxeC8hhN7NxE0eTXJzrMQLhnCLhNf0ipWnISDB0L4mfMHJJog1CVmTWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df847129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/graph.jpg | 172.66.45.18 | 200 OK | 12 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/graph.jpg IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3 Hash38ef74bf4b0242a948c52ff3a9754e41 67e21e59f6087ead5d551ed5d8ff7052c4ca9ea5 ceacd7aa1d3d773f5ec4fbdd345b856c08c06a94dbaad5cb1c57fa37026104af
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/graph.jpg HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/jpeg
content-length: 11795
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "fc1168241f4ba16df466380203d4fca8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzlkLw%2B0lBPyOAxeGrMPjYKDOjjw7Ub%2FrqwSTj%2FVipMbwTFtTtGWslfP7shMaWUPXyL2Wzz35p8HTVbqvOspPvDLlKrvPVNtQdNWd%2BPStvhYXG5ZmtWQbNRR24%2FnoTlGY26ySAA5phLKo61xt5R5eJpuUwrWMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70efaa7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/keplr.png | 172.66.45.18 | 200 OK | 8.2 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/keplr.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 800 x 800, 8-bit colormap, non-interlaced Hashc30ca26ba11357d6b41fe261dae82dcb 1040fafc710e3eff3ffc3b30e7d440ad7d03b848 ebd23cea17832a2f15de84578be2b4585d577d1ad95c501fbccc30c3035ca734
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/keplr.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 8189
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "cadf88b4e9844d9321e5ede42c10d825"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pI2%2Bpaz3p%2B3vPY9CyRlPUPpzvAYWvUKIxxdSg1Y7YuujpXjHHIDF7CwReln2j11Jx5p2RCBTqQlqwm3BmBvTDIYaTV4QIVBhjQ7RH2IDGNCbS0p5jNfD3JjvXJYLdQ5eNg19lL4JIG%2BpMqFvzlEcXSag0%2Bh7dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70efad7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/xdc-9a98bff95dffc41869b8e77912a6cc54.png | 172.66.45.18 | 200 OK | 12 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/xdc-9a98bff95dffc41869b8e77912a6cc54.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 600 x 600, 8-bit colormap, non-interlaced Hash3422f769d0333523b8de1783c120dde2 1340bbb5612f944c0aa91b077b917d3621251518 71e8e7be4ca33f76c3fdcc4e901b5122c803a38839d991bf85909931ae3263df
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/xdc-9a98bff95dffc41869b8e77912a6cc54.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 12100
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e37cfdc50461215094fad951c85c9614"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9U9h%2FLvXDYj52NMrRYnlFAHteIvyA33hV8Snplf8fzNcAPGfstVhEPV%2FszDPSUSp%2F66lrtQA5cyEPXP6UP%2B%2FRk5BcLFy7f%2F5MPuVLCFaUbltnIhiKZa8eReEN3xPApTEcMd4WwtW0SPQhOylj0ABbmZAoONIfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ffb87129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/bsc-logo.png | 172.66.45.18 | 200 OK | 23 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/bsc-logo.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 338 x 338, 8-bit/color RGBA, non-interlaced Hash473b05a2b26173f477aa4fe36ddcf36a 449c7aaded7ff019d25cbc983ddba1b00f49b34c 25450d45cb0f88f0312d658ce75e537cf9b6c9dd5c6d7b905710c1afe5dbeb9d
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/bsc-logo.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 22565
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b1a30e0217fc09dac12484ce0275d21a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LHlEiFaG6T%2BhuGgBwgilR5JckDXNhzehcfOBXdxFRlukyqvTCd0%2F%2B45JsB7fDrgf8Nt5IL2aJyKzpTIUCIOKmM5toFw429ipvObDPqebHULM3i%2FWNvEWGQCLYi77Wt0Otuf7J%2BkSQMZzx4h98vHi4A2QkjSzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f711fe37129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/kardachain.png | 172.66.45.18 | 200 OK | 2.0 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/kardachain.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 225 x 225, 8-bit colormap, non-interlaced Hash3a45660943765c4ee8992a4118e24cf2 72fc8652de92a655f4da4832d75c4d6ac3c641cd 1433bff2fdf11ccb19773e344ab07ef3330a059e3bbb7fcad61c31de4c19c5e6
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/kardachain.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 2042
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "18dc6ca548a820349852d495af5fee34"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tj%2BZW9rFzSbCvk%2FayQm0h3xsOO3aTG0uwWj1lJX3Oh%2Fry1gJg%2BNe9MvhZRHiOtwFAuQYnNpc8OyQSv2xCbkU4isHvr8QjOGOhn%2BIPg9JOa7eS%2BwQJzFm%2B31LIQbffS9IHPrrALDWDzOwjSgQOa%2BbV2tRwj9D8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70efab7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/atomic-4c02d2b33cf091fd83c7a49819394e41.png | 172.66.45.18 | 200 OK | 123 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/atomic-4c02d2b33cf091fd83c7a49819394e41.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 1800 x 1800, 8-bit colormap, non-interlaced Size123 kB (123157 bytes) Hash5615862ea7831a623e802c7e0e0aa088 dfe853ca3a4d56c25e88eef043cb8033dd614199 b8301578f01f78cb9b3a609ac8fb0b920e68422115476c9dfa3ce15879ad5625
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/atomic-4c02d2b33cf091fd83c7a49819394e41.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 123157
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "d19bb5729c7351954c946dd45fe65bea"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jCDMl9D06iH2lKio94FO9X2vXmSQcMa24i0%2FbY2Zg70i2s%2BLwxmQB7Qpojbms2AJEITCuMjmMhzcI8JYH0pW7P1sxhVun2Ajd%2Fs8RYD7WnrJefcm8rxZhd5ApiFoGYYQM%2BuiQ%2FmE6%2BwjkttnTkzBtma3KvnnTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70cf4a7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/midas-wallet-5c5057d972ca621414f077541845fc61.png | 172.66.45.18 | 200 OK | 10 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/midas-wallet-5c5057d972ca621414f077541845fc61.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 916 x 807, 8-bit colormap, non-interlaced Hash13b46b98fbb85588726598c62944c92d 8f7e333344d1e44edafb88e5d33f27e9d8b34c9e 55f5e1cafa6d56b09610509f452f993c3f2f9b0dac1217dd3245964d9e03e79b
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/midas-wallet-5c5057d972ca621414f077541845fc61.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 10149
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "98fb15a1c9a058d285fb3f29ba285f19"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aanFkOiVHZkC0uUzOTUxhAIjh7Aq3bjAUVOqgkjQtjs6GNutzqbRuiklFQOTjWPvGMPopwOUIJkqMTQmFttv5iv0r7iMxdVRvODseiVQN62BmCPsh4hqiCHI%2FWemZDaTgZKA2z2rUAUnDkhOQnhm78gz708MRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f710fd17129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/trust-wallet-66f8777532931d9c09b633344981a6a9.png | 172.66.45.18 | 200 OK | 4.9 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/trust-wallet-66f8777532931d9c09b633344981a6a9.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 256 x 256, 8-bit colormap, non-interlaced Hashaa4cae32f46260663fb90abc8153bea0 013828c94a8a6d44a95523b4352d5edd7f29a321 4c7260d3a03b17e68dc0b4983409158852404b56b9e4dfdd4f3724189a07dcc3
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/trust-wallet-66f8777532931d9c09b633344981a6a9.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 4868
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "2d3173e31da19da1a4f8b7fa3970a450"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqv5kDMTIXsvzRYK7KHPoPR87in25GBBIS80hloz8P1zwLxNRo%2BHodTeh7PeSP%2B2WZZzz1y8HyPx60UPnQI2I9AbXeXw%2Fen6JcdJdSAxSV1mVKn1XAsB7OWniM5bZJs4YiaSWCU1m6IHPSh8fl4JjRsp1oKSog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70cf487129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/dok-a32c522e109217cc2a1a2a310f3c9bf7.png | 172.66.45.18 | 200 OK | 6.0 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/dok-a32c522e109217cc2a1a2a310f3c9bf7.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 460 x 460, 8-bit colormap, non-interlaced Hash09b986ff5f0d42dbb6d699f4346a8e96 daf24f272a2e893771daa66fe3ed044b6a6d56ac 5d37ac28f1a68ef5350099437f75851fd8c97e3bfb49fa78d2f6e57f856c792d
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/dok-a32c522e109217cc2a1a2a310f3c9bf7.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 5967
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "eb8c0a2b543b3ff15dab848ea148b1e5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vK22%2Bs%2FJHb4jHCwnGFGbW4K%2FILqUy%2BoyuJG4Q7VK6pLqBBFlohl7oGrw7Ii8shBNlnK0vLR9tfGwSoSc%2BjPIAVGfD8JIETBGQlDEYU1dEEx7O1ttLAeT0s7gJFJD9gmZAQsWoiTDeQPNDm8FfvhDaoCKY5cBiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f710fc27129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/peakdefi-2e1d4f97cc1a737a9aa765b3748ff315.png | 172.66.45.18 | 200 OK | 9.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/peakdefi-2e1d4f97cc1a737a9aa765b3748ff315.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 250 x 250, 8-bit colormap, non-interlaced Hash5977ec47a88ab5335ff142753d995494 0773cefb903c837d860cdd2e6a31545340e22c24 14ccbc0661aac1a3a603e124e1bb4e951968dd0171f7006182dc868ae85c79b8
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/peakdefi-2e1d4f97cc1a737a9aa765b3748ff315.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 9621
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9cb276f0bd7f0e810343f89babd07463"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xclDeN7Q9xEUu97967oOfjSTtr1sC5gRR82FCtHdqI%2BewQjIs2Fy8kfSIyeUYhHqhoMogY3M3WntLwKEL3CC3HGSyI6W%2FCHFd6loZc44TooqHCAtKOcenOVMf02YInKiMOZf0hgyA7soZbW3F%2BqpLl2LmXySzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70efa77129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/wallet.io-198f396de22fe25eb370f46544abe69d.png | 172.66.45.18 | 200 OK | 11 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/wallet.io-198f396de22fe25eb370f46544abe69d.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 400 x 400, 8-bit colormap, non-interlaced Hash6936b6160bc96fcfe6f17ef68a5791cd 88b8151ef1cb6c9b34e6d364038bb9e264276b37 2c181af611618f9787aec5272ab2097b7a62ae3a1a853b4ca0ef3757272aab4e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/wallet.io-198f396de22fe25eb370f46544abe69d.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 11274
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f241ff74325aef91afb7fa39a6e5ca23"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IV4wim4XpUHazsPNxaMGu7ib2N51RJpYPV72yy%2FrE1CgtzDbAAgZtHAt1AHkd6IpHweOO2quGGo%2BasqQVuwWIOeWsmhg3hm7yXzGyLklDcsMVGBD8VCD%2BiG43hSX48lRN22XFofOpcgB6rj2vLEI90%2Fb7ZmRtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ef917129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/unstoppable-0d3474dcd7572ac2080b0f4ce632dfac.png | 172.66.45.18 | 200 OK | 6.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/unstoppable-0d3474dcd7572ac2080b0f4ce632dfac.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 320 x 320, 8-bit colormap, non-interlaced Hashd01b142caf1f55bb8f9130b14401bdf6 af0440ebd1b74e7a567b261a917cd25f51a69622 ac4dd9c4c99afaa2c2ef08c401feeaebf3a0ceac2e6cc01289daa67b5ba9ef62
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/unstoppable-0d3474dcd7572ac2080b0f4ce632dfac.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 6558
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "8852bfabe3cc3ce9c362b68d02425020"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jiiMSX4uX8le5vycWYeIHH4eWMPJ4Hc3uAmaeBE08FReP2X9SG7L4f8GPasSzgnCmBWqJskfu%2FAIeltzT6Kw4TVwvz2qoJgOkeuH3ERNNAcaeLfQ0nZCpTvezozYQ47qMSYhkVVvitxhRmnzY4qlAAmXb3yig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ffbc7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/mykey-7419df5270c0406c80cba19fa5165923.png | 172.66.45.18 | 200 OK | 7.2 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/mykey-7419df5270c0406c80cba19fa5165923.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 400 x 400, 8-bit colormap, non-interlaced Hashc62edd4dd8392f1d69385ef8e92e3a0f fd35d200521818573aceabc9f199cc8652cbec82 4bdc954d148ff3602de6e063814d9104faa7d2ef8d0cd9592fc2752be97d61ae
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/mykey-7419df5270c0406c80cba19fa5165923.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 7192
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "6b5d12923a41d8a441d8a64a1e9530d9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cc5vigoxmdgjtfGTPZUzdJE4eUGvsGOPIXy%2B5CR4yxPGyihhzN2yfBIu19qUVMFJF1VTmF123Q9l3sUBctieY%2F0ruF8ZDCfI8VcDwCJU%2B3bySut%2FXV%2BXNFqLuvsq6LvY9miGU0q9elBg5Z2CPF2oSJY2uiQS8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df727129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/viawallet-ae1502eddf4d2ed89abd36907dd3ae8a.png | 172.66.45.18 | 200 OK | 11 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/viawallet-ae1502eddf4d2ed89abd36907dd3ae8a.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 600 x 600, 8-bit colormap, non-interlaced Hashc8b38eaa1c15a39d22e66b29fbb31b02 3d6791b76a2fae2450436a00b9cadf800acc2db1 84a278ea7d8477744a805fa935bda7e8ede51e7c39b5f4ba193a784000ce6471
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/viawallet-ae1502eddf4d2ed89abd36907dd3ae8a.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 11314
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c1e15858b7a13825f53f39fda4262549"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5qlhuX4Ugm8k41zF7TpVDg1yyRqjpbECyoWVojcK71R8ObMsI7KkQHWhvInDrzc0jiAomY9hW%2BboVqFBwMY%2FfrF02nhd368z%2Bn%2BXAEKU01nTCIfya6KxZQZF57%2BKsPUKrmnPa2pScIy3tOgGMuw7ECdaAKiLMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ef9c7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/zelcore-d4c1a7a444b95612f6373f0b536b6ccb.png | 172.66.45.18 | 200 OK | 45 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/zelcore-d4c1a7a444b95612f6373f0b536b6ccb.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 2001 x 2002, 8-bit colormap, non-interlaced Hash6b0fcf3084e61d672d0f39c0c8bc4845 c5a90ebda934c04e524eabcaab5d4a9e5be8aa53 27db3752a4289c09b2a3f970487ee860daa7288f04cf3e3d7cbb8961272a3e68
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/zelcore-d4c1a7a444b95612f6373f0b536b6ccb.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 45396
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "40c94b279ce352c3b5857c8b239b6eb3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7g%2FMlJF8z4HE0gxClaStjdA8uryInQ7KXbElrjlYUzlnve77Q%2FNP%2B%2FELyExBwxgnXUoKukSoFZuBcgt78aDDOzQKDlrQjgRx7PoY4TXyeivd55OPm7xJHpx566Ufs9F%2BZZn7o2iXHst6kBO9skCVLhYjCsWMng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df807129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/keyringpro-830b2c0ee1db401dd64c2899eaf2adb3.png | 172.66.45.18 | 200 OK | 26 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/keyringpro-830b2c0ee1db401dd64c2899eaf2adb3.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 900 x 900, 8-bit colormap, non-interlaced Hash73de0559b186341586412385e3fd1443 3aa91ddd56d71047ad43cff928f1ee17c074e50a 7f926b400154c1118a0cf47cf0b18ccf973613336419466d61d4f4c3a1cc3617
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/keyringpro-830b2c0ee1db401dd64c2899eaf2adb3.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 25892
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "3cf83f4d56bba341288c869488d47305"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZhcOHMHovvgfufNH5ICjbNnGLxVl10p439diPFQXXIQ6FDGzUtbDaHu%2F1OfkDa5BUkCTvH0B3h893HZdGjPOu7NUCfxBMJkST4UsavlLcj8nZBJWkIuBpxWpMh9XRx93WLKv9mbb%2BbleRw4AWS5NR%2F1NqyXNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f710fd47129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/bitpay-1573dd6c95eb38386f181048663590d0.jpg | 172.66.45.18 | 200 OK | 7.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/bitpay-1573dd6c95eb38386f181048663590d0.jpg IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3 Hash5c1f0b3baa9072f7d0d76066fa67cb54 f5ec960f111ef16ee27b1c1e1b4a0c0b4e530c17 6a3def54dde9303756979ae76f8f310509488bb9559be873c54a4ca4bf23a8be
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/bitpay-1573dd6c95eb38386f181048663590d0.jpg HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/jpeg
content-length: 7554
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b9fb64a925419d2faa89872fe262d6d8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OUABRVoxry6374oH2sKAIB1PPbWxpxI0ON0qZwQQ1excQrsF9pvaHFZl1GUEl5i1ydngV7OkBlqAML5ut%2FoV7sjSRWNsxB9OEC1bkYYdBBA4a1BX6zDGnn505ePwZzbBJTaTQg1tQDhUTYYq%2FTjxzvBgqmTyGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df647129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/trustvault-9031a67f82293fc50ead978f936cfff3.png | 172.66.45.18 | 200 OK | 11 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/trustvault-9031a67f82293fc50ead978f936cfff3.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 900 x 900, 8-bit colormap, non-interlaced Hash99334068bec9a6b45932d401f7afaa6c bfca20025e7689fe4f269d3558ce809eef0382df c8cd51c2b6e389f70a3dac8e163d106a3bfd6d9d19a91f76548c02cf33aeac19
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/trustvault-9031a67f82293fc50ead978f936cfff3.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 11036
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c3b8b3ee22932f8403644f8d960ae62e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09hJZC1aLff0YWaUGO%2BwCAeUUKq%2B2tSNh3vGz38AGZyyIyEBVx5KU86UWx4MQKPl6Lq6%2BO8UVmRsQHKPlYrBEYoK57GOYx6Dwn3H0dCmbZ7Ajlxm8HpOjcqXu%2BhEBsMYyZiMP0em22I24lM9hZW1UWHIs%2BWxYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df747129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/bitkeep-387b0ca7da4cf322f44c70c23064c529.png | 172.66.45.18 | 200 OK | 7.2 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/bitkeep-387b0ca7da4cf322f44c70c23064c529.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 400 x 400, 8-bit colormap, non-interlaced Hashbaf9f6d8d1b4ae2b8e085edaef7629ee d6906ae73610f7679495760a48a82e705b5257a6 4f1047f6fe8115cecc59ad226c8714d496446f564703f6c6128dd28168f89fd1
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/bitkeep-387b0ca7da4cf322f44c70c23064c529.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 7226
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "530f6d39722f1b25945e5ba5b90995e7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aqYTwoAeOVJANBi8zSnnokRh1KPkdQU6%2B5Uo2dmRfOOaWnL8TAxedhg08Xg4zw16JtA2o%2BR4AYLZilttF%2FWQrzeTe8KR5LwL2BTdRlQC6tSAtAElgm55ihKpcvfolG%2Bq4IucDP4T5ykxjs3TsPixVR8gCYOxyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70efa17129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/cosmosstation.png | 172.66.45.18 | 200 OK | 3.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/cosmosstation.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 567 x 567, 8-bit colormap, non-interlaced Hash404d042308fa1677cf8cc84ea09de2d8 cf18b29f6daa5e4c9b1779fd4a172f4c3f1d43cd 2f7eb19d196e5b38b884be42a70e37e55a4005384a05559d686ef94133f88983
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/cosmosstation.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 3578
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "7923d6e9c9e47b5cf6eab177621758e7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JGeUGc%2BzTdb5e%2F4AY5K8%2Fg64d%2F5m%2BbvQYRtR0CPWLL7iwPnC5iO%2B0d%2BayAFr5S%2FuEKGjfhVoH3NnG1jFUqaiB29r7poe8LnrUdcu4D%2FcVUKnLXH4vPlrXjhYOA5x5vgHrvzvuzVwv9cecAq337CWUjMtT8FEFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70efa97129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/infinity-wallet-48e78bc97f96bad14ee6b781423a69ea.png | 172.66.45.18 | 200 OK | 17 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/infinity-wallet-48e78bc97f96bad14ee6b781423a69ea.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 939 x 939, 8-bit colormap, non-interlaced Hashd42d0ddb4d1cb8a5f4312b3dca0c19ce d55a5a0333f739be3d4dd89ce5e5747e53b451b7 4d1ad0895c520cf08837d57c4fb47695a9201d710f90f15750b67113831eba5d
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/infinity-wallet-48e78bc97f96bad14ee6b781423a69ea.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 16780
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b47d58f09b3abe932b0d70c627ca5ba2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2BC%2BR8FeQ22Qj24JxYGbelTM%2Fi18kWVMvHFCMMqpMwl8jBnmT3U6YNMHh%2BfK4Ga%2FqBaiDEUx1UjIXc5zlmJMNJYVtuR%2BXCu%2FVhJSmSoXOhGT6G99vV3TcaqNtjBH4sePHip9XXUrDYWKx8VBdado%2FuemRob%2F6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ef937129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/safepal-1022b40e2ea3a4a6bb19cf6ff28d8b92.png | 172.66.45.18 | 200 OK | 17 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/safepal-1022b40e2ea3a4a6bb19cf6ff28d8b92.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 338 x 338, 8-bit colormap, non-interlaced Hash3eeb70e42da8860540cd540f5565909c 42d381e05b34f7e86e56a15204d81792fdae6a49 85da9acb383b073e3b7192692307cbec8226bf87573da4f345765f03010fa678
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/safepal-1022b40e2ea3a4a6bb19cf6ff28d8b92.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 16695
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "da9735f1e1ee8d2b2482301d12179240"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HO%2FKdk3tMutlWyNC5wHoFsfRQybIwinBFRez9ak6e2AmAlsXip%2BnDg9KdVFPywZ7umvOg732V7fv4hV0e5I7baIr6FtMdcvXyO05IzLv6R2Qy28hKM4ezSXBrxZAcKFfgKZuDDEX7jSvLlLVQZLHGu9mpTFkNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ef8a7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/ledgerlive-9fe387e571fb42ed5cdf08e29bc920ed.png | 172.66.45.18 | 200 OK | 7.4 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/ledgerlive-9fe387e571fb42ed5cdf08e29bc920ed.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 460 x 460, 8-bit colormap, non-interlaced Hashb61380d1d625acd5236637674ef89540 bbc2345ca11d7753af9027df2e975b83d58cde71 12ce508093871afde606fac87247346fd775a111efd0e6aba9208bcfa63641d4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/ledgerlive-9fe387e571fb42ed5cdf08e29bc920ed.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 7417
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "61051e5eb2790660aec783b7245fe082"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7BnDHcGQrVxarBvZwffAVIJp40tQS1irBNQUQNEJT9Hp1qnKLAbkUhR7NJyst7Kbcy7oB9KV3NrtfWy2TJo1A7lmYOwsefMpZnjDRnNxGl95l683kDh5rDkqHrdyXhWjG0V1Yt6y%2BCppEKu%2Fd9kTmJVQjth%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df6b7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/ownbit-0b6b21e40acf2fa0f85d2c5ce38c4c51.png | 172.66.45.18 | 200 OK | 41 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/ownbit-0b6b21e40acf2fa0f85d2c5ce38c4c51.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 532 x 532, 8-bit colormap, non-interlaced Hashe8315763d1717aeebd75864bfe07d7d2 d78755727d54f4c0cb25a24a4907571d9d5850b7 820ce188e231cdb04cd4a1b4b5f66babc0690a730914a67535d5752f2a53fca6
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/ownbit-0b6b21e40acf2fa0f85d2c5ce38c4c51.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 40585
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "20c3745fb0c5b9e0c29ba0591c09534a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkR5iDGys1Dg%2B47UmGkxp6WP28WYI465tdq87SCYMsDAtie%2FcUpG0Pj7FmjKdC2KGMi0%2FGdNiBPWrb7ffLuGa%2BEmH9lN6l6nl433DRu%2B%2BMObA4BpfjjLSYbVS850GSjct78ViMKEJ6%2Bq3JaMERGb7hIp08SfBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ef967129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/wazirx-logo-rounded.9bff9f42.png | 172.66.45.18 | 200 OK | 12 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/wazirx-logo-rounded.9bff9f42.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 1024 x 1024, 8-bit colormap, non-interlaced Hash9ba2192a5a41f8ce3274d1c94d7db369 1d3892ba1f63610e89bc1d0d10a04451d1a9bffb 7686521d3e7bca651a2090b7c874f8509206e0ff525dd47664ae2a5bc0adf2e8
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/wazirx-logo-rounded.9bff9f42.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 11806
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f0a45d4127a7215de8723a0190534f4b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kZY7dmev8Pn%2FKTzMcbeWsGzfPE0isFG16J%2BJInZTGYlXsXnFISGCBUV%2FNcLVCPWlzGJKSrx4Fo1EDj6vQoIpcq%2FDnxoA%2BIU6JqI9ciW1LQRulmFaGaYxxKyHjhQign%2BrxZ5uHTWVzFyB5QVZ%2FqDuO4WrIghyOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ef897129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/fonts/Inter-roman.var.90e8f61d.woff2 | 172.66.45.18 | 200 OK | 183 B |
URL GET HTTP/3synchronizationconnection.pages.dev/fonts/Inter-roman.var.90e8f61d.woff2 IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
Hash9f65ebbc36df3b843743386f466b4762 7badf2fef2bbbbeb1e9d4e190d7ce8d5922bb8e5 81f1245459ddb2da01edf99f17ee1ec4af9aac281f661a3bafcf02fc7d3440bc
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /fonts/Inter-roman.var.90e8f61d.woff2 HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://synchronizationconnection.pages.dev/css/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: font/woff2
content-length: 183
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "918e26b9fc5a1f78d23ce4b86736c1e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0Ndh7VKUFVu5LODxM8JSn%2BQ5G7MHAhoqVmAxsfyLzTsoDZAcvLlzsaZIAh4SVHtPwsc3uUigqhR6VPXNHj%2Fa%2Bu4yl9RAvc89AdpZNYl9JF01nnLoG9InBbzguYhNrV1eQbc32EqdoE8IslRm1gUopMsYv6mWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f734b7b7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/fonts/rP2Hp2ywxg089UriCZOIHQ.woff2 | 172.66.45.18 | 200 OK | 18 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/fonts/rP2Hp2ywxg089UriCZOIHQ.woff2 IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 18076, version 1.0 Hashad513518b8de790106aefb37f7304835 c0f06121be08d11af3437bab4886a700c3c15f56 951a3b8ec1c6a0ae2767a3bb90ba6995397c5d13bd7ff79ea0bc87529b8024ea
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /fonts/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: font/woff2
content-length: 18076
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "cbe93bb69e81ef1d676e1f77eb6e8f19"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bUfrEfSpJOEh5YnGAP4NxeGlvo7RETJHeU7cKUh78vAUlX7VtMS4EC%2FE3VDKtVtV%2BT1w7gVJsERjSbUViFPdfGZSkRfanBQC36j9K4J6899D%2FNbDMpIiU8cxPtGhIAGc9cvpOwN7bJ0wlKrMl%2B34mHtOZziVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f735b827129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/fonts/rP2Cp2ywxg089UriAWCrCBimCw.woff2 | 172.66.45.18 | 200 OK | 18 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/fonts/rP2Cp2ywxg089UriAWCrCBimCw.woff2 IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 18296, version 1.0 Hashfde3d0124cb7ec9415ce2b8ebaf89118 ae93664d7ab4ef117c6171cd6c0ce13d29637b72 8d3411c961b332008c61452f483ada3da4cd0fd06cc264c7f2facfb01bc4b1d5
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /fonts/rP2Cp2ywxg089UriAWCrCBimCw.woff2 HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: font/woff2
content-length: 18296
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "6fa59fc69581dfe1825b392b29afb92e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eD%2FEb7ugX4TuU8ue3%2BI3taZIFAQ%2FDD33QWIGyjTywJWwTFVhtym%2BUmWtw2eHoi8ydd%2FJF6DEfQpdyVNQhCXdX0xtBu4aDtK5%2FC5HZ%2BE%2FzJMS85TcJWNgQWWMcnDzFaZSpVR9ziyFdfsTUPKE4EycaG3jxz%2F0Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f735b877129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/fonts/rP2Cp2ywxg089UriASitCBimCw.woff2 | 172.66.45.18 | 200 OK | 18 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/fonts/rP2Cp2ywxg089UriASitCBimCw.woff2 IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 18244, version 1.0 Hash171ccc885c8deb88a0f3b55096584514 508db0c1eaca7d0d4af54598d17e57467a8d503b a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /fonts/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: font/woff2
content-length: 18244
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "4a1f3fb1b7e3814324ac147b717a02ca"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hjga18O%2B%2BH9%2BumTOPdUQVd%2FErdoH54Oiaj48EG%2ByOY%2BRNVXGsiUrFHR2%2BqpfxJaXU%2BJXjeC%2FBwBY7uvzK1yESOzSNP8G3r%2FDNSCAca8w%2BkcJQP5fQ1ZLWVSaMRuYQn85kzjSzoizv0Y82YO5Xu24HewaDuapA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f735b927129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/fonts/Inter-roman.var.90e8f61d.woff2 | 172.66.45.18 | 200 OK | 183 B |
URL GET HTTP/3synchronizationconnection.pages.dev/fonts/Inter-roman.var.90e8f61d.woff2 IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
Hash9f65ebbc36df3b843743386f466b4762 7badf2fef2bbbbeb1e9d4e190d7ce8d5922bb8e5 81f1245459ddb2da01edf99f17ee1ec4af9aac281f661a3bafcf02fc7d3440bc
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /fonts/Inter-roman.var.90e8f61d.woff2 HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://synchronizationconnection.pages.dev/css/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: font/woff2
content-length: 183
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "918e26b9fc5a1f78d23ce4b86736c1e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kd4SxjHEz%2B9U6P5EecuUGRBv3xhiPwR%2FeJe3bSjNKGbiVqDnQ227GVv2bOFsZvSSzYo%2FN7U3yF7lcgp4nModn9yTOMUMD4aUwO2zCI4VAvQosqkoKHACs%2B%2F4EbawBXc9920ScXXToXz2DBclCkYzpqePOBBkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f73dc667129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/easypocket-436ea3270a7bf77c02a880bfc70d0ee8.jpg | 172.66.45.18 | 200 OK | 5.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/easypocket-436ea3270a7bf77c02a880bfc70d0ee8.jpg IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3 Hash7de1955aa2f99c18e7cd406f13acfe01 74b84eb6f355cf673db6ba3ef82ae689a648ce42 7d1f310427268c947d775c0446b1ef416ad38d43a98dc7aeb877e56c28c044d5
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/easypocket-436ea3270a7bf77c02a880bfc70d0ee8.jpg HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/jpeg
content-length: 5625
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "40f08a078ccda22ca5814fd4d56ecac6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJ6DQsDa50lXHwjh0Oo%2FHzNH0aPcoaLn0gRjr%2BftZKtEeXz9LU66fPFep3SUHQZ1uwM9PPYiuAtDBsVAf%2BAt1J0M6htkxGLtfH%2BuLVq8P1EgCj9PHZdlq6erDdZL07LaZR1%2BMxBdKBtkJcPA9l%2F7TSdU0LfbTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ef977129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/blockchain-logo.png | 172.66.45.18 | 200 OK | 12 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/blockchain-logo.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 1024 x 1024, 8-bit colormap, non-interlaced Hash335e0da6439d61d0f94a913a67707c71 c45fb1d7a6a6fd7be7928f565910aa6e913f5690 7f8ca27957b9c11eb5258bc322ccfe39c1fd540886f003650c228b20613a4574
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/blockchain-logo.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/png
content-length: 11781
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "7edce981bf2ca6edd2028d3da39afa47"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGJ0B%2F1ckXM2oWDJU3qWk%2BX8ahIYAfJlm%2FQmHdQAcxPc24SfeC7VsUWgo2tVUIrx%2F0CHRTJvAouEAQG4d5FcGiRRU4lyxgNEGuHyUa5Z6DYcElyIwaNW3pcCFpSRzxdndzk99K0AY3M%2BdhYCJGiiIduzoBFIfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f711fda7129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/meetone-01093db7d99e3e6cf5cca68b616f8255.jpg | 172.66.45.18 | 200 OK | 18 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/meetone-01093db7d99e3e6cf5cca68b616f8255.jpg IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3 Hashf2456ba68e1bdd5d53dd5b5eef562921 0d32bff54274fc101bb0888b6db8d25c4def0945 2ecb5d0da52ba47ba519a3573e53811f3ea819d84d2d8d92a581aef5c100be49
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/meetone-01093db7d99e3e6cf5cca68b616f8255.jpg HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: image/jpeg
content-length: 17624
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "48938f42a34434616dd625ebc00303e6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZR%2FrWxWCgG2Z2Rp4lr8elzneQ9Qo9h15BrQBuGSlmR%2BN%2BoXTlizB%2FCSB%2FPGh%2FKEb3Dey3d7hKV5LD72qv4nEukhumZuJueNbKrSjXBrfUMEOrEDAQzwxr1j6W0hDbvJZKXlcf4S%2B9nD1mHVvm7kjIZh7e6cww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f710fc07129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/fetch.jpg | 172.66.45.18 | 200 OK | 3.1 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/fetch.jpg IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 512x512, components 3 Hash7f0aa532fd60cf5af4619629b239a76e b9bde53a6546b3ad3eaacd7efac048acea4813e3 35f9e1ec44c891655f7b11fab9f08d42d21746c0d277e6fdedb586e5c8b73ceb
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/fetch.jpg HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:38 GMT
content-type: image/jpeg
content-length: 3123
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "daef61aeeb18203e6268486d25ad9750"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ULOxEHqT7pV72FVnifFjT0J%2F0qvS5LYx%2BuSqUp%2Fuv1uk7dmOE7mXeu5PoU6zUvZSuhxnVdmSzPqqSaTtb2sdlefwReFMVRRV348IyoHmnL%2BK6LuziCC6Qy38vmdH28pOSsLNa2SthAoXxTfVvnGcVot1Xd9bA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70ffb47129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/atwallet-2611d814a50a964b89d5f8bc1e5cb3a0.png | 172.66.45.18 | 200 OK | 17 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/atwallet-2611d814a50a964b89d5f8bc1e5cb3a0.png IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typePNG image data, 512 x 512, 8-bit colormap, non-interlaced Hashc74318ffce0700799c6d01663d6a991c d8439428dfbf0cc8ae284fa1bcfd2d0f1b24246e 627aeea61959b31a6aa6f5d3bc454e885935b8de00b3cdfc856bca95619b4859
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/atwallet-2611d814a50a964b89d5f8bc1e5cb3a0.png HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:38 GMT
content-type: image/png
content-length: 16957
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f593f3d5e2df9e0072290111a842f282"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkqYqPqjNzfzm6r3Xob29mU16ax%2FiNrK9SDfnzehaig1h812%2FXgkk%2FFZRi%2FqyCn362kFRt65ATZs%2B6OwNlbkK0D%2BaIaABULZgF5Va6lYOlzHwhtALuUE5Aw%2FHZ8pyxdT%2BswqWaFOyzDPbAjGh8fBLBZ18vCapA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f710fc37129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/coinomi-7eecd68e38d78752d68b7232bd9c58d9.jpg | 172.66.45.18 | 200 OK | 14 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/coinomi-7eecd68e38d78752d68b7232bd9c58d9.jpg IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3 Hashecd4d927ed747e9b340b45410665ec6a f9a65b0a40924bf79caf2e3ffddf2586fdb26b4a 72e14e276e668c5c0126853543d6205dec0dc5f7aeebb6634b7f631aa125f157
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/coinomi-7eecd68e38d78752d68b7232bd9c58d9.jpg HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:38 GMT
content-type: image/jpeg
content-length: 14122
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "51a63d97c422843be8f11f6f2aeb1ef6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nSdj7vUq21jv5HZ5BVxM%2BuzzF92zWdF%2BbiZniqCxmcQzLwid1TBxKgCh1hCasqKLhBHBprnzr7xUVruKY0Mlt1fJQWSqcn6z8NgSr2%2FHuJM0%2Fo1uUWdcinLMCPgs%2Byb9cAoj2ILbUkD2UQInV3GxTgX3kWAPXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70df817129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/favicon.ico | 172.66.45.18 | 200 OK | 23 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/favicon.ico IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeMS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel Hashcd1b88373adad3f59fd6b6cd69a2db77 08d60e57879d442a466221260c9904470b836e4d 917f37ac2647df69b7a2c23de2e013ef21b0182c7f2fec20807f6e835e117540
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:38 GMT
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2a26e431380f59dd1bcde6dda017487b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d7QeHqgeo1k96DzImSy0iawwyCswZlWdk24sy4deTyVgwReHzxZWkjlG23OEv33A%2BYn1Tc3BpRMelLLk%2BHeo1x6XzfzQGpsRaWajP9zI3acOFp%2BRtjk%2BWcL1Pm9U7ogSGwZq%2FQJOMlzgEEUMjQ9X6tQAb3VWfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f7698207129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/css/style.css | 172.66.45.18 | 200 OK | 53 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/css/style.css IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeASCII text, with very long lines (324), with CRLF line terminators Hash6cb8fce63e63fee259560db1d35d6802 3a3c3c513986f5eeaccd43606a557e7865a73590 eeb20a26ade73b1afaae9e6447e2ff54575a96227a77d4057bacda68ae5f718f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /css/style.css HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"8bc2baa6e8992d5ea67049da22584fee"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2B9jkoXFeCB04KkCFm66YfeWpM6k7T1Ms3dmHz3NgpUE33hLsPXBafoK7ZLcbvi03pi7WOYl3kZkLFgny%2FqsVbaB9W4yhOcOyyo3Vn1A5OFdkp%2Fe6RPX7RTCEV929xmFTOoFkrrDZOp8EVPe24NssQqcx9HaJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70bf3a7129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/js/jquery-3.6.0.js | 172.66.45.18 | 200 OK | 289 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/js/jquery-3.6.0.js IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeJavaScript source, ASCII text Size289 kB (288580 bytes) Hash2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /js/jquery-3.6.0.js HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:38 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"21598c5bc9a3876d01a81c65ad214903"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Od4aGKVE9HPuih9cOckR94CRykT%2FueCGVg8ECUJ%2FIG8mn5TjbUr6Yu8SGtQCvMUk4vfcuOXu%2Fx4282RmFgigi%2Bdt5o06P0JN0rLsSQvfZcZF4Ieuh515mMs8mv7CghPCZzq%2F2lY6W5GdpgF2jdJRXuiszcdB5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f711fe77129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/js/js1.js | 172.66.45.18 | 200 OK | 1.7 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/js/js1.js IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeASCII text, with very long lines (1792), with no line terminators Hash79b9de73949f04af8e1c0ca2e2a47fb3 8cdb8ecb64322e81712d8b3ba0f8d9dcde8ef7eb 4cad78c03f022c70719d7c700d733be018f6128e9ace37616f86e3684f56a9ae
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /js/js1.js HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"602963e4763bdeca37983b2f2d31122e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tDE9yVk6d4tiM%2B7T4y8ltqxzWESkHarzMF%2BGtCct%2Bl0T2WICZfwcqsGzowxGiuL6bNMKCs5hRhZuvKC5%2BuiqILvbbhmoYeASBB9DoOqb19icSp6dSnHqcgfZimMooE2Z1Cn%2FhoerU8xsOOr9X3xtNDDQW3vtUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f711fe87129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/suspendedpage | 172.66.45.18 | 200 OK | 6.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/suspendedpage IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeHTML document, ASCII text, with very long lines (6693), with no line terminators Hash637c64dcfa59899545c1dce3f050200d 8cf7d3405932c23d2b4ee4c3473a611cb924c05f bc61d266b689e585d2ae0c93c625d665dff0f4dfcbfc0263df35ca4c1bb1494f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /suspendedpage HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3ccde490460495c706b685541bb8460e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7N1n%2BTatblPSv1fQlhlPhmwcqCyyWMoLN8SkcOCtfuU9%2FupxlJVGXPJ%2FWaVHmiekFac5jJJh5H0bs1ldTypjXptS7q3GF2sd7j4yDWiqTOJz7JA9RMTbvx%2F2aYQGq814P7ovsFyNq1fjcVeOBUA%2BurIvzuZOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f7198c97129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/js/js2w.js | 172.66.45.18 | 200 OK | 4.8 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/js/js2w.js IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeJavaScript source, ASCII text, with very long lines (5241), with no line terminators Hashb3f21ce1351a5f70053d0ed3683d3293 40dbc08b7fc6aaea3dac339b099c0ef07c710d11 15c1777b0f000309ff35cf53a6f68f64eb8112cf2f72a1e8461c6972022302b4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /js/js2w.js HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"54860e7e3b021bade9e25391aca8faf8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JM4nnMiNMAwSHHnpDgppNdh2cl0cyVkbdCxjyxv9%2Bf1QCr1FALFp4GLoooxVZjFQ6%2BjxjspSIySQsXIYa5KGFihGb2LDUuqCPnYSSVXbpkA26smftzGxvRFmgjybqQlM4CTtssQxogJGc7qJyXB9FznCEjWIzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f711ff07129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/images/metamask-69ce6b56bbc9953dfb4aecebdf88729b | 172.66.45.18 | 200 OK | 6.6 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/images/metamask-69ce6b56bbc9953dfb4aecebdf88729b IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeHTML document, ASCII text, with very long lines (6693), with no line terminators Hash637c64dcfa59899545c1dce3f050200d 8cf7d3405932c23d2b4ee4c3473a611cb924c05f bc61d266b689e585d2ae0c93c625d665dff0f4dfcbfc0263df35ca4c1bb1494f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /images/metamask-69ce6b56bbc9953dfb4aecebdf88729b HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3ccde490460495c706b685541bb8460e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2R87%2BIslLSHWh1gbkMb4PNr5U1JypR73%2Bl03BTUg%2Bjib9pYwQnwRwzJw4xbLIlYuSR80eYP90CrC%2FTNF2TWYPpYKIClSxn%2B%2F9l7%2Fr5O3Jpx9RkufKRB3pNw6mivtfFPoUNj8%2Fz3JC16GLhW17ZTb2FrM8FBZSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f7198cc7129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| synchronizationconnection.pages.dev/ | 172.66.45.18 | 200 OK | 202 kB |
URL User Request GET HTTP/2synchronizationconnection.pages.dev/ IP172.66.45.18:443
CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeHTML document, ASCII text, with very long lines (12867), with CRLF line terminators Size202 kB (202404 bytes) Hash0fd72f143aba7c006fc87ef854917538 b3ea52ab81c7f853f5e2e6ce844f5502fcfc5c68 904f986752889e718049b8d9aa4b6895ae67e5958420096fb56d6e59f42c9ee1
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f1d13827aefeb64189c79d7f59abd58e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aujGvYn5%2BPEbbDy4vt6KEqAjnk%2FoIsrduzo2hLqC9N4MZk3fw2mkoCi2S%2FkMWvo2d1Ai8D2i8MVEnhJY3w46gQ6tJ3Z8z2W%2FPQASJAHPY7Ux1Cn0bjrMJkJ5FFP4DCC2SdKSeeQxFMlGrfSTD9zgeyLEdqEFfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f6e39a00b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| synchronizationconnection.pages.dev/css/mystyle.css | 172.66.45.18 | 200 OK | 198 kB |
URL GET HTTP/3synchronizationconnection.pages.dev/css/mystyle.css IP172.66.45.18:443
Requested byhttps://synchronizationconnection.pages.dev/ CertificateIssuerLet's Encrypt Subjectsynchronizationconnection.pages.dev Fingerprint05:38:25:E7:71:AB:5A:B8:6C:07:B3:05:AF:07:D8:AA:59:B6:21:E0 ValidityFri, 15 Mar 2024 13:16:13 GMT - Thu, 13 Jun 2024 13:16:12 GMT
File typeASCII text, with very long lines (12958), with CRLF line terminators Size198 kB (198097 bytes) Hashd6a32727c0e531baa646eddab296b3e6 50272cedc167da6a215f9bfc81886eaeacfbc66a 5c3bff52ed9e8cd9b933917aa0aed3d31ef1be6854a4a9253c708144cbb4e5c2
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
GET /css/mystyle.css HTTP/1.1
Host: synchronizationconnection.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://synchronizationconnection.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 17:53:37 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"41b412e5532dc9151163430206bd8ca5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sPABkf%2FsRsj4oAmkQLnSAP0NqxDv1%2Fpj2nU7zKDOIStNJjxkG6mmDsG%2Fa06r80WHlKeAqey9q%2F6bAGZAKiYhS%2BsaTY11vh3yW5fd%2BZSD2V5Mqsllc0ts1Qcd3D2GKfpdBr9i8fDnjnq52lHLERmy608y0eNdng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b4f70bf3f7129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|