Report - pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps

Report Overview

Submitted URL
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
IP
76.76.21.22
ASN
#16509 AMAZON-02
Submitted
2024-04-25 05:40:26
Access
public
Website Title
PancakeSwap
Final URL
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
282

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-24	1.4 kB	330 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-24	487 B	3.5 kB	142.250.74.106
explorer-api.walletconnect.com	unknown	2009-12-19	2022-10-10	2024-03-30	5.7 kB	63 kB	104.18.27.46
pancake-trading-fee-rebate-api.pancakeswap.com	unknown	2020-10-08	2023-06-29	2024-03-21	548 B	634 B	76.76.21.164
m.stripe.com	1092	1995-09-12	2017-01-30	2024-04-24	484 B	912 B	44.240.235.135
verify.walletconnect.com	unknown	2009-12-19	2023-01-26	2024-04-20	579 B	356 B	52.57.86.163
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-23	2.3 kB	72 kB	216.58.207.227
aptos.pancakeswap.finance	unknown	2020-09-12	2022-10-24	2024-04-04	468 B	1.9 kB	104.26.3.169
www.walletlink.org	107091	2019-05-14	2019-07-09	2024-04-16	1.2 kB	1.0 kB	104.18.37.8
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-23	834 B	479 B	216.239.34.36
www.google.no	25607	2001-02-26	2016-04-05	2024-04-24	623 B	578 B	142.250.74.163
rpc.testnet.fantom.network	unknown	2018-07-30	2021-02-08	2023-07-11	551 B	413 B	164.90.175.140
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	unknown	unknown	No data	No data	25 kB	5.8 MB	76.76.21.22
relay.walletconnect.com	unknown	2009-12-19	2022-06-21	2024-04-24	4.6 kB	660 B	3.126.230.177
tokens.pancakeswap.finance	132107	2020-09-12	2021-06-03	2024-04-19	2.6 kB	2.3 MB	104.26.2.169
bsc-dataseed1.defibit.io	69102	2019-04-12	2021-04-13	2024-03-22	6.9 kB	15 kB	99.83.204.86
bsc.nodereal.io	unknown	2021-07-19	2022-07-27	2024-03-23	572 B	466 B	63.34.132.130
api.thegraph.com	87448	2004-02-22	2019-05-15	2024-04-19	3.0 kB	20 kB	104.18.40.31
m.stripe.network	1204	2017-03-16	2017-05-17	2024-04-24	1.4 kB	94 kB	54.230.111.111
js.stripe.com	1149	1995-09-12	2012-09-30	2024-04-23	2.1 kB	175 kB	151.101.128.176
assets.pancakeswap.finance	unknown	2020-09-12	2023-02-08	2024-04-19	6.8 kB	127 kB	104.26.3.169
hub.snapshot.org	439912	2000-10-31	2021-03-16	2024-03-23	1.7 kB	2.4 kB	104.26.13.125

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-24	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet
2024-04-23	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/	Crypto/Wallet

PhishTank

Scan Date	Severity	Indicator	Alert
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/ramps-22b3a0c3a0851df3.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_ssgManifest.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6074-142cf53623178492.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6403-180f446b71dd1d25.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/main-0785997221e18e7f.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4253-ece81cd4224dfe83.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8210-a585b5bf27b841b8.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7875-e604b8271f71ca63.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4351-463f46f5ddfb0dd9.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1732.580bc0b12da6139f.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1518-807be149c1b04211.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/css/f15ae5acfa72202a.css	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/images/decorations/phishing-warning-bunny.webp	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/images/decorations/3d-syrup-bunnies.png	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/worker-chunks-ed675b153cc8567b.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/worker-chunks-ed675b153cc8567b.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5298-309e53b67e4c2392.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6351-bfd7d6f3a8e94f52.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7507-da3be5528e111e16.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4768.d9b1d54b7879d92a.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5370.6f2ed6a12f926b71.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/webpack-d8440d89d291090e.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_buildManifest.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3676.bfc136fe6917fba7.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5185.17a9876281b49b94.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/782.11a99be71c87365b.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/framework-9910fad42761648c.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/900-011ae1c0fe9f9296.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/_app-d21bca908dc69ade.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/logo.png	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5569.1a233de1fa5a4a3f.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8940-2680582ce3921897.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8940-2680582ce3921897.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/css/8ab97594b6c016e8.css	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4568.796287f6c5d648ca.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/css/8ab97594b6c016e8.css	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/2892.b79a9cb802c91f90.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/favicon.ico	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/9332-3a8484ec85c99144.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8394-2b149c4bb6108264.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4568.796287f6c5d648ca.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4861-3efb5f77e6bf6644.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7444-360c3f79697d7d4b.js	Other
2024-03-21	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3804.5c782b135a9ecacd.js	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed
2024-04-25	medium	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app	Sinkholed

ThreatFox

No alerts detected

JavaScript (53)

	URL	Size	First Seen	Last Seen
	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/worker-chunks-ed675b153cc8567b.js	1.0 MB	2024-03-20	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/worker-chunks-ed675b153cc8567b.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 18:00:45 Last Seen2024-04-25 07:40:37 Times Seen14 Hash 33d9bbcbcef3a9304bc8bcd2a6c9cecb c3c9e58d36f1aad04dba2b03204b4cb0ef29b334 7fd9ce983f68bb663f6064458935dfd3af549941887c4a93a6085da7e4959592 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6351-bfd7d6f3a8e94f52.js	12 kB	2024-04-25	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6351-bfd7d6f3a8e94f52.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:40:36 Last Seen2024-04-25 07:40:38 Times Seen2 Hash 3d5ae80d27e5650c2326d9468fc96424 ef515c92d01c8cb15bb4a7d38d4b29165020aa38 04c63b9373ddc528ff8284c21f76b182d8b84eb484b684c7a41895fd5c0a59ab Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7507-da3be5528e111e16.js	106 kB	2024-04-25	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7507-da3be5528e111e16.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:40:36 Last Seen2024-04-25 07:40:38 Times Seen2 Hash 15caabe64e9852ce4f471a8665d81e08 3025ae21fb8fd81f23d489e807aed46b7e2bd2c8 e4cdaf8cf1455b4d86daea20f7f0ef12b7442f7213fed31990a99de311f65c94 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_buildManifest.js	16 kB	2024-04-18	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_buildManifest.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 05:49:39 Last Seen2024-04-25 07:40:38 Times Seen6 Hash 9dab99c08ee63b509f9746c9e439da9e bac29bc5acb8a284fb276a41104f0a4f2b8ce148 7a3a7af0c7440fac81ce3fe8b5b16ae49a14bac75d91b70a890a93dca0a43b8e Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/framework-9910fad42761648c.js	141 kB	2023-03-13	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/framework-9910fad42761648c.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:55:31 Last Seen2024-05-03 19:27:47 Times Seen229 Hash 46b92cd043fe51d3018c33c2faccb623 2e49e403cd93b8bd131b754c8bb2cd95ad527c1f 6a002e3da5cdfbe42873232c822d868fd714564876f69f22a7187b989fa393ba Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7444-360c3f79697d7d4b.js	2.5 kB	2023-06-26	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7444-360c3f79697d7d4b.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 01:02:34 Last Seen2024-05-03 19:27:47 Times Seen30 Hash cf3d137988a48807f06a3e8663fb24c4 5dac62d46c27d5569590cf01d400e00c5fbfac99 84ef55bfb722085a7eb9b2bf2cbb78af7ca3e340cdd4eaac94961fdd13e42c56 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6074-142cf53623178492.js	35 kB	2024-03-20	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6074-142cf53623178492.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 18:00:46 Last Seen2024-04-25 07:40:37 Times Seen9 Hash e5b6187761df30c4fb5bfa3174d5d3cd 23401999d77ea9f407c0f5f3aa8966e5ac4c6f20 e6d19d72140ab70e8aac44b134148e1ea1fa307c4aec7b3feee9cdfe575a10fb Loading...

	unknown	7.1 kB	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:55:48 Last Seen2024-05-04 08:12:30 Times Seen142 Hash 0d2140dee39492154f51dbb091899646 d789666da4b4b2a40ae160096b8d3176a3aaa9b6 aaa1b317dea91a9663d318fba5076e2340cf36fb619b9751ab2305b22dff591e Loading...

	m.stripe.network/out-4.5.43.js	89 kB	2023-06-30	2024-05-04
Pretty URL m.stripe.network/out-4.5.43.js IP 54.230.111.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-30 16:45:34 Last Seen2024-05-04 20:05:10 Times Seen9880 Hash 69cb7809b5011312e716f29b3d19dce6 833dabfb546d57065aeba7190b5ee5a2428dfa47 e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/webpack-d8440d89d291090e.js	8.6 kB	2024-04-18	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/webpack-d8440d89d291090e.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 05:49:38 Last Seen2024-04-25 07:40:36 Times Seen5 Hash 6954362172b178b32b1d54a12494c54a c34c7f8697acb0b620597eff6600bd3510561431 509288c24f58c62c52b3d1b45e2d5000dafbee758821cb477c3fdaaa00dac30f Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4861-3efb5f77e6bf6644.js	14 kB	2023-06-08	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4861-3efb5f77e6bf6644.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 14:34:03 Last Seen2024-05-03 19:27:48 Times Seen198 Hash 2e5f13e529de38f4c7a898034d048c61 de7104d674d9ae064d85726165f7b8eb14ed28b1 64cee8b66ce8ba35aefd2b129fd35cb40711119d777a296802ffcfff6e6e68cb Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8210-a585b5bf27b841b8.js	9.8 kB	2024-03-20	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8210-a585b5bf27b841b8.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 18:00:45 Last Seen2024-04-25 07:40:37 Times Seen9 Hash 413d76e3c613fdf5a99563847e8bb75d 48bd792083c91a80588c5b74127d7fcc3dc7f9d9 d42bde03006cc07bcbdbbb411c5614374a10220e7034423208abd735728de480 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/ramps-22b3a0c3a0851df3.js	508 B	2024-04-25	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/ramps-22b3a0c3a0851df3.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:40:36 Last Seen2024-04-25 07:40:37 Times Seen2 Hash c204025c9b609620d287c01430be2b1f 918087fe49fe687d10eae0168c7377b18d44ab9f 9d6fd77847b74866ba2dc6871f743ca7045fc50b74318f17a04be3b456b762f1 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_ssgManifest.js	811 B	2024-04-18	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_ssgManifest.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 05:49:40 Last Seen2024-04-25 07:40:37 Times Seen6 Hash 4ff78952953e795b22ef97391aaf260b 7fcab2c58b662ce9861f15c3b29304458bc29f7d 8f1d5756562f822c21b0c1d0fae404402b2c981a5df0e45228587643d9598e9d Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5185.17a9876281b49b94.js	119 kB	2023-05-13	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5185.17a9876281b49b94.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-13 03:43:00 Last Seen2024-05-03 19:27:48 Times Seen94 Hash 1cc2b2fc08b0a0772dcb49c0a2cc406e 02c4c094e825ca5343f5278f024f9ec2010298ce 6c8e7944580e21fe25821fd97a14dee32539407d22db0a6a3c64d39d4c72ae30 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps	415 B	2023-03-07	2024-05-04
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:50 Last Seen2024-05-04 08:12:30 Times Seen284 Hash 8108e209f29e71a28b6d2804c92b7c94 5e50cef00cdc0a12c554ef5c84b4c591ef3a9e68 7c356d0fbd3760874f15185be99244fd2bdcc3203b8194567d144ce8aeabf440 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1518-807be149c1b04211.js	11 kB	2023-05-13	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1518-807be149c1b04211.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-13 03:42:59 Last Seen2024-05-03 19:27:48 Times Seen207 Hash 3f46977d9b0661718797f9f6a81def97 7827f12721ec5a28d8fc5164f18ad9457c59b6a7 099d9417752b9ce255dfb29a959d0dc91a2baaa6ac71b8d9e408e7ff87044ba8 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6403-180f446b71dd1d25.js	15 kB	2024-04-25	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6403-180f446b71dd1d25.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:40:36 Last Seen2024-04-25 07:40:37 Times Seen2 Hash 4a36f18adb63547b473df49dd5c8af25 9f1356fdfea8fa6b6c84791d195f859a292bdba6 fc063bed6b367f0c81e0dd695194d543f828233a78660b4ac8586f431567963f Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3676.bfc136fe6917fba7.js	142 B	2023-07-13	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3676.bfc136fe6917fba7.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-13 01:45:07 Last Seen2024-05-03 19:27:47 Times Seen73 Hash 24d6a4793454886507bd9328d64a417f fab42afb4ca6da0409cfabb386b23b917517c4dc 3ebc9a16d6dec44f8ce35537c4a1775180c00fcd1346d2678fe900ddcdbb3a42 Loading...

	unknown	12 kB	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:55:47 Last Seen2024-05-04 08:12:30 Times Seen132 Hash c9e4bf35ee251941115cc15b2f5072c2 b27f56d57b2ba23ec2dc845ac6c7e9d05f4d9426 d3c23082c9ca57ec161d32234fa36bc7bcb575d96377f50b7f4ea618b67af553 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/sandbox%20eval%20code	147 B	2023-04-11	2024-05-04
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-04 20:18:21 Times Seen344783 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8394-2b149c4bb6108264.js	44 kB	2024-03-20	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8394-2b149c4bb6108264.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 18:00:45 Last Seen2024-05-03 05:11:45 Times Seen23 Hash ca02cb21718db3ab448c7d8204be089e 1e3060cccd6eb155b6f35cdc6d1c33bf7dca49ba 530475dd121227c652eb45b2241e84f8c01b5c5d8937762d304e7b71b43b442d Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1732.580bc0b12da6139f.js	189 B	2023-06-08	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1732.580bc0b12da6139f.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 14:34:03 Last Seen2024-05-03 19:27:47 Times Seen69 Hash 193e391c62b77e9bf00ad62c66275408 cac60b876ba42ea941b680ed8f325494f67797e0 1b729ab7966f7245035cf1a2b13ab0cdfd7796e792c26c83fac40266679d1d7f Loading...

	unknown	1.4 kB	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 06:55:26 Last Seen2024-05-04 08:12:30 Times Seen616 Hash 3c6c44d510f1c570bc75408cd9d34acc 1f30e3eb128014facddd10367765a5b562741c17 4b3b599147e1ab82a96b220d5d1f1df37ec7babb04b707e58cbeaffc99506f16 Loading...

	unknown	7.1 kB	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:55:47 Last Seen2024-05-04 08:12:30 Times Seen142 Hash 73bbc899b56d5c2f47242fb69e06851f 7d0006ef6697822526e77bb6eb9a5e552be5bdcb ff7e30813fee70fe2c747a98cc5253bd32a5d6587a42f5c411028674bc3bef0f Loading...

	unknown	3.7 kB	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:55:47 Last Seen2024-05-04 08:12:30 Times Seen142 Hash 0b7f7eebb50024f82223122c4389c5e5 9855d96219da10293d108fbe19762233297af239 57f24e0a2bf6b18ad87540b4c4f42a020cd3d8aac7e383f58cb001546409da4a Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/_app-d21bca908dc69ade.js	3.1 MB	2024-04-18	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/_app-d21bca908dc69ade.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 05:49:39 Last Seen2024-04-25 07:40:36 Times Seen5 Hash 5ccb3933ed0f6943f5fc3accdd668805 c0d653bde07f1bc940d3c9a9805dda3fde3e6e68 12f43356d31fb7bf87a503efe3781403f42d246f3f3d19053c094723a70882b4 Loading...

	js.stripe.com/v3	619 kB	2024-04-25	2024-04-25
Pretty URL js.stripe.com/v3 IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:40:36 Last Seen2024-04-25 22:18:34 Times Seen19 Hash 889cd333c072def16ccd664ba98308f8 161aee9a9a27ef4c2bc408f08f4a62b03cbb543e c678eb6075444e6900a93bbabbe43842cea3042ff153d4c194b54e9cea2f9347 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-04
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-04 20:18:21 Times Seen344277 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/main-0785997221e18e7f.js	118 kB	2023-06-08	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/main-0785997221e18e7f.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 14:34:03 Last Seen2024-05-03 19:27:48 Times Seen79 Hash 46788ca3201af8ee2b7bd75d99ec91f9 607baf6837cb956f791773c1cbcfee5a3b53e89d 2b7ce862a23bf3a1e95d2f516165021c9e2e40061740c003d3ec48589ee271ed Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4253-ece81cd4224dfe83.js	367 kB	2023-06-08	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4253-ece81cd4224dfe83.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 14:34:03 Last Seen2024-05-03 19:27:47 Times Seen151 Hash 6b95044fdd2e3177e2dddb81e433471b ab23c2120631d65e7dda01def810f201358cb8f7 ee528067473d3731453305be2e5c8f23df782b3cba5875f614d049149e909fab Loading...

	unknown	414 B	2023-03-07	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:50 Last Seen2024-05-04 08:12:30 Times Seen200 Hash cb034f7eb3e7c265b039e103c1c5e178 95d3bc14b14fcf553f584549359bdee67986af53 728d7396daddeb179473440832a2fc1cdb26cef4d7515c96747e032646956c66 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4768.d9b1d54b7879d92a.js	294 kB	2024-03-20	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4768.d9b1d54b7879d92a.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 18:00:46 Last Seen2024-05-03 05:11:42 Times Seen14 Hash 17e900bb83eff348221206d7eeea9bab b68743d668444f2e12acef84ce236c9b2d011214 7badb79646b695b9c10ef6d73f4e7aa79de8d87a5cb989d4c654015a15be2230 Loading...

	unknown	31 kB	2023-04-06	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-06 22:00:16 Last Seen2024-05-04 08:12:30 Times Seen605 Hash 210b269f4defa2ec028e1f3101e8a8e9 33f126e12c70b65c9d881c535693be1234ad76c1 72a857efb2b1acae4d6c595d8524ed1161b0fd72f26d580ea765cbf6e9bf6627 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/2892.b79a9cb802c91f90.js	1.1 kB	2024-04-18	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/2892.b79a9cb802c91f90.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 05:49:39 Last Seen2024-04-25 07:40:36 Times Seen4 Hash 7edeb49623cf722b6cd8833bdff0620c 6315841f4f8d6f2414276a8ab74a983041ea931e ea1a65d95c35dfa993bb6dfcc324966bc072c1630e5018ee4fb26fc03af5393f Loading...

	www.googletagmanager.com/gtag/js?id=G-334KNG3DMQ&l=dataLayer&cx=c	288 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-334KNG3DMQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:40:36 Last Seen2024-04-25 07:40:37 Times Seen2 Hash 88a0219df506a991153a7c9906afd14e 831fa55fe3659d92fc64c7f93420df8f7a4daa9c bc1d09176c0252d72c5647608fbbbcfcf01a89b7c2b0f20d67cf7cbad3592074 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5298-309e53b67e4c2392.js	65 kB	2023-06-08	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5298-309e53b67e4c2392.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 14:34:03 Last Seen2024-05-03 19:27:49 Times Seen194 Hash 5b3d0e7658b834ddf95ad288d7a7bf0e 0ce802786dcdaf74961b06a2bf87ac07c92e56c4 cd284958f7187362f3a10d504382b8fef07a1751e8d5042ed6b5f436c7c4d648 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7875-e604b8271f71ca63.js	10 kB	2024-03-20	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7875-e604b8271f71ca63.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-20 18:00:46 Last Seen2024-05-03 05:11:43 Times Seen12 Hash b00edc9b681c54e9a79de581d19f89b3 5a2cfdfa49b0a4cd0c6692caeb9fb3a38f9a2871 3209e2222c5e7fd37cd2b19a7a028e5a6e3a19311b91721dac3e2e7d18b8d827 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/9332-3a8484ec85c99144.js	28 kB	2024-04-25	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/9332-3a8484ec85c99144.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:40:37 Last Seen2024-04-25 07:40:37 Times Seen1 Hash 02d58746fb67f11748f89eaf8ba33421 db724529b136e00e844572706e57c013949b182a ee8139d193d8a771cb352d48e652e304de97cf6a15025a1b7a2cb8f70d5dca53 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3804.5c782b135a9ecacd.js	86 B	2023-06-26	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3804.5c782b135a9ecacd.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 01:02:35 Last Seen2024-05-03 19:27:47 Times Seen60 Hash 51248ca3a7069f90dac31e324b5d577e e8b0cf2d6212a3e931fab48c0d669b6fdca6c11a ea6d7b09d0b72b833bd863e5a50eeca94556472bc275e70297b3f4cd22304b1c Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5569.1a233de1fa5a4a3f.js	474 kB	2024-04-18	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5569.1a233de1fa5a4a3f.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 05:49:38 Last Seen2024-04-25 07:40:37 Times Seen3 Hash 2387c017008ccf08111d6a96213c431d 93729cfc7b2b96616774b78904760dcccb44a6ef 8d67d44dd78357c6f3b6c32897284227a2d6562d573ea6f57a0115498cb5e7df Loading...

	unknown	1.2 kB	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 06:55:25 Last Seen2024-05-04 08:12:30 Times Seen612 Hash 8fa8e73c03ccc7442389e683956f520b 88bc476a7e72dbe8d1c8015c020743ed0db5b349 36f0055ed3688c8bde77f94d9b2cd3ea80a393087946c85541753447a2356ecf Loading...

	unknown	12 kB	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:55:47 Last Seen2024-05-04 08:12:30 Times Seen142 Hash 733ae31fc30835a8d123166e81f8fdcc db78d52ea3e54454dc899dc61b8686026ef43c47 a363784a31a7bdd15353db2137524491058446f63b89856f24a961b39820c82c Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/782.11a99be71c87365b.js	14 kB	2024-04-18	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/782.11a99be71c87365b.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 05:49:39 Last Seen2024-04-25 07:40:38 Times Seen6 Hash 71fdaa3dcdc98dee1fab697481b187cf e62a88cd0ed83f49ff45893cf065c62e9000f2f3 e0094c07b564c63ab21863bb5b4166184db600a3192dd1e6b0c3611891184d5d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TLF66T4	230 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TLF66T4 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:40:37 Last Seen2024-04-25 07:40:38 Times Seen2 Hash 8565af9defd275bd71038553178a9bd3 350d01f24fe8cdaddc1442222949ed89b6db9de9 2bb648c273e6a9356e5a4fc2beb2cfdbd09cc763462591bedcb26029f516b2b8 Loading...

	unknown	363 B	2023-06-08	2024-05-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 14:34:03 Last Seen2024-05-03 19:27:47 Times Seen45 Hash b70e3541ea967477f6e91841f267de5d 05282a4d59fbaaac77e22c29c5321527b6f458bc 17c52ba7d7c161e5897316b6a0b0ea2d693e7c1b046507c877ba2fd3205663fd Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4351-463f46f5ddfb0dd9.js	11 kB	2024-04-25	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4351-463f46f5ddfb0dd9.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 07:40:37 Last Seen2024-04-25 07:40:37 Times Seen2 Hash 022075c1c1e56f0fbcc2e6894fbcd24e 131eb3d0cdc033366e2410d6eac279ff7da89311 32dd2c47e11bf2f384eb9ae9ce7ad358c35accbd7e7309c6a46c62879117c9c9 Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/900-011ae1c0fe9f9296.js	8.0 kB	2023-06-26	2024-05-03
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/900-011ae1c0fe9f9296.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 01:02:34 Last Seen2024-05-03 19:27:48 Times Seen43 Hash e75f525b1cebd7a66b61d6c6c82fdd83 4c8aaf5c01edba02b9f3b6dace601a727267ae87 7f4782afa58813033a144d804580091169838a97c9aa396e4e73a5021eaf5b13 Loading...

	unknown	4.1 kB	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:55:47 Last Seen2024-05-04 08:12:30 Times Seen142 Hash 5f5bc6c7414b17cd12ceda7aec384310 699cc3fa8f5a42535bb176958d05533cb7c32c5e fb7e1e7979229b06fc895b9877dec3dbdb5a53ce3ff9eb30efa71d35f7f313d9 Loading...

	unknown	27 kB	2023-04-13	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 18:55:47 Last Seen2024-05-04 08:12:30 Times Seen132 Hash 265933cb78b580c77acbfa25fd8c1b7c c2059684de95075099175851d337d6fa51528efc 25b06c9272ef63d273e77fd789feadf37b00ff83c884cb7416d1fb31158a8a1b Loading...

	pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5370.6f2ed6a12f926b71.js	138 kB	2024-04-18	2024-04-25
Pretty URL pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5370.6f2ed6a12f926b71.js IP 76.76.21.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 05:49:40 Last Seen2024-04-25 07:40:37 Times Seen3 Hash 97ab784a3e1abdbbc0b6d3af2348572b 1b2c437a339d46041b7a972130364a93e155d879 97f250e54bdb56f31bdc5a64ad697aa2ba80dac0c99b3407f0c61166d4c165e6 Loading...

	js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js	526 B	2023-03-07	2024-05-04
Pretty URL js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js IP 151.101.128.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-05-04 20:05:10 Times Seen3392 Hash d96c709017743c0759cf3853d1806ba5 72e21587610c49c8305a55e71f73fa88ed618205 ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Loading...

	m.stripe.network/inner.html#url=https%3A%2F%2Fpay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app%2Framps&title=PancakeSwap&referrer=&muid=NA&sid=NA&version=6&preview=false	827 B	2023-06-30	2024-05-04
Pretty URL m.stripe.network/inner.html#url=https%3A%2F%2Fpay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app%2Framps&title=PancakeSwap&referrer=&muid=NA&sid=NA&version=6&preview=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 16:45:34 Last Seen2024-05-04 20:05:08 Times Seen5701 Hash 1f54cecc3b769967137af0567a96ec3d bda8188907959253112d6639984e671ede889b41 0ea22f8a5f8ae43c169a5bf57522c356130b13eaab2629ff5712a9af29118a40 Loading...

HTTP Transactions (125)

URL IP Response Size

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/ramps-22b3a0c3a0851df3.js

76.76.21.22

200 OK

508 B

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/ramps-22b3a0c3a0851df3.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (457)
Size
508 B (508 bytes)
Hash
c204025c9b609620d287c01430be2b1f
918087fe49fe687d10eae0168c7377b18d44ab9f
9d6fd77847b74866ba2dc6871f743ca7045fc50b74318f17a04be3b456b762f1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/ramps-22b3a0c3a0851df3.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 38768
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="ramps-22b3a0c3a0851df3.js"
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: "c204025c9b609620d287c01430be2b1f"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/pages/ramps-22b3a0c3a0851df3.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::nl8ss-1714023594832-97cb2deb334c
content-length: 508
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_ssgManifest.js

76.76.21.22

200 OK

811 B

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_ssgManifest.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
ASCII text, with very long lines (811), with no line terminators
Size
811 B (811 bytes)
Hash
4ff78952953e795b22ef97391aaf260b
7fcab2c58b662ce9861f15c3b29304458bc29f7d
8f1d5756562f822c21b0c1d0fae404402b2c981a5df0e45228587643d9598e9d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/IZLMtatxGM1y1qcj4EcEm/_ssgManifest.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 638887
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: "4ff78952953e795b22ef97391aaf260b"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/IZLMtatxGM1y1qcj4EcEm/_ssgManifest.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::nl8ss-1714023594836-d20a32f3e8ba
content-length: 811
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6074-142cf53623178492.js

76.76.21.22

200 OK

13 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6074-142cf53623178492.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (7862)
Size
13 kB (13265 bytes)
Hash
e5b6187761df30c4fb5bfa3174d5d3cd
23401999d77ea9f407c0f5f3aa8966e5ac4c6f20
e6d19d72140ab70e8aac44b134148e1ea1fa307c4aec7b3feee9cdfe575a10fb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/6074-142cf53623178492.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 83938
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="6074-142cf53623178492.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"e5b6187761df30c4fb5bfa3174d5d3cd"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/6074-142cf53623178492.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::gsqxb-1714023594826-06cd4be7a292
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19388, version 1.0
Size
19 kB (19388 bytes)
Hash
f816f16f297c801aaf01ff43c9fcd563
2e9e2c80bc5aa5f01f75cd486baa1769f53dea5e
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e

HTTP Headers

GET /s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19388
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:28:54 GMT
expires: Fri, 18 Apr 2025 17:28:54 GMT
cache-control: public, max-age=31536000
age: 562261
last-modified: Thu, 20 Jul 2023 20:53:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6403-180f446b71dd1d25.js

76.76.21.22

200 OK

29 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6403-180f446b71dd1d25.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (7220)
Size
29 kB (29404 bytes)
Hash
4a36f18adb63547b473df49dd5c8af25
9f1356fdfea8fa6b6c84791d195f859a292bdba6
fc063bed6b367f0c81e0dd695194d543f828233a78660b4ac8586f431567963f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/6403-180f446b71dd1d25.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 38768
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="6403-180f446b71dd1d25.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"4a36f18adb63547b473df49dd5c8af25"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/6403-180f446b71dd1d25.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::kkmdf-1714023594829-559312e706ca
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/main-0785997221e18e7f.js

76.76.21.22

200 OK

36 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/main-0785997221e18e7f.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
36 kB (36335 bytes)
Hash
46788ca3201af8ee2b7bd75d99ec91f9
607baf6837cb956f791773c1cbcfee5a3b53e89d
2b7ce862a23bf3a1e95d2f516165021c9e2e40061740c003d3ec48589ee271ed

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-0785997221e18e7f.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 638887
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-0785997221e18e7f.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"46788ca3201af8ee2b7bd75d99ec91f9"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/main-0785997221e18e7f.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::zjhfd-1714023594817-0a65cddfe3fd
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4253-ece81cd4224dfe83.js

76.76.21.22

200 OK

126 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4253-ece81cd4224dfe83.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
126 kB (125602 bytes)
Hash
6b95044fdd2e3177e2dddb81e433471b
ab23c2120631d65e7dda01def810f201358cb8f7
ee528067473d3731453305be2e5c8f23df782b3cba5875f614d049149e909fab

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4253-ece81cd4224dfe83.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 90361
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4253-ece81cd4224dfe83.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"6b95044fdd2e3177e2dddb81e433471b"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/4253-ece81cd4224dfe83.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::qfp9g-1714023594820-d271c713f898
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8210-a585b5bf27b841b8.js

76.76.21.22

200 OK

14 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8210-a585b5bf27b841b8.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (2348)
Size
14 kB (14507 bytes)
Hash
413d76e3c613fdf5a99563847e8bb75d
48bd792083c91a80588c5b74127d7fcc3dc7f9d9
d42bde03006cc07bcbdbbb411c5614374a10220e7034423208abd735728de480

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8210-a585b5bf27b841b8.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 90355
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8210-a585b5bf27b841b8.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"413d76e3c613fdf5a99563847e8bb75d"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/8210-a585b5bf27b841b8.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::dbc74-1714023594825-6809848c1650
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7875-e604b8271f71ca63.js

76.76.21.22

200 OK

19 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7875-e604b8271f71ca63.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (4294)
Size
19 kB (18990 bytes)
Hash
b00edc9b681c54e9a79de581d19f89b3
5a2cfdfa49b0a4cd0c6692caeb9fb3a38f9a2871
3209e2222c5e7fd37cd2b19a7a028e5a6e3a19311b91721dac3e2e7d18b8d827

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/7875-e604b8271f71ca63.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 90355
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="7875-e604b8271f71ca63.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"b00edc9b681c54e9a79de581d19f89b3"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/7875-e604b8271f71ca63.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::cj6h9-1714023594827-e0e7f95d93df
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4351-463f46f5ddfb0dd9.js

76.76.21.22

200 OK

7.9 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4351-463f46f5ddfb0dd9.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (9381)
Size
7.9 kB (7901 bytes)
Hash
022075c1c1e56f0fbcc2e6894fbcd24e
131eb3d0cdc033366e2410d6eac279ff7da89311
32dd2c47e11bf2f384eb9ae9ce7ad358c35accbd7e7309c6a46c62879117c9c9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4351-463f46f5ddfb0dd9.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 38778
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4351-463f46f5ddfb0dd9.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"022075c1c1e56f0fbcc2e6894fbcd24e"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/4351-463f46f5ddfb0dd9.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::n4g64-1714023594827-1b6f0e9a74ad
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1732.580bc0b12da6139f.js

76.76.21.22

200 OK

189 B

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1732.580bc0b12da6139f.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text
Size
189 B (189 bytes)
Hash
193e391c62b77e9bf00ad62c66275408
cac60b876ba42ea941b680ed8f325494f67797e0
1b729ab7966f7245035cf1a2b13ab0cdfd7796e792c26c83fac40266679d1d7f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1732.580bc0b12da6139f.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 139282
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1732.580bc0b12da6139f.js"
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:56 GMT
etag: "193e391c62b77e9bf00ad62c66275408"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/1732.580bc0b12da6139f.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::fz7c8-1714023596677-b7922b1d15b4
content-length: 189
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js

76.76.21.22

200 OK

11 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (25929)
Size
11 kB (10918 bytes)
Hash
63c3a4ce0da82887fce6748caa0cd005
43a32cbb7cf8d5186d99f245bbb3ce0c578be4f3
eff2b341ff03249262f314d9527c98f30778a6192e1c5cd7716dc130d7a8ff12

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 139293
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="quote-worker.1ac00aeec6a8b8d4.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:56 GMT
etag: W/"63c3a4ce0da82887fce6748caa0cd005"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::fz7c8-1714023596650-edbc07661145
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=undefined

142.250.74.168

404 Not Found

1.6 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=undefined
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1580 bytes)
Hash
a55d792fa2c4880da9de427b624deb8c
f2a78fe277c43edb2ceb8834afb0d523cf87c5a0
0b0dba3ab30511b7e0e23c93298cf815f727945c9e9da80ba1df0229a3cd68b7

HTTP Headers

GET /gtm.js?id=undefined HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 05:39:56 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.stripe.com/v3

151.101.128.176

200 OK

171 kB

URL GET HTTP/2
js.stripe.com/v3
IP
151.101.128.176:443
ASN
#54113 FASTLY

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size
171 kB (170813 bytes)
Hash
889cd333c072def16ccd664ba98308f8
161aee9a9a27ef4c2bc408f08f4a62b03cbb543e
c678eb6075444e6900a93bbabbe43842cea3042ff153d4c194b54e9cea2f9347

HTTP Headers

GET /v3 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Wed, 24 Apr 2024 22:49:38 GMT
etag: "889cd333c072def16ccd664ba98308f8"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 05:39:56 GMT
via: 1.1 varnish
age: 37
x-request-id: bb989cde-a7f1-4ef5-a4d7-2518df787c9f
x-served-by: cache-hel1410022-HEL
x-cache: HIT
x-cache-hits: 43
vary: Accept-Encoding
timing-allow-origin: *
content-length: 170813
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js

76.76.21.22

200 OK

90 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (25929)
Size
90 kB (89515 bytes)
Hash
63c3a4ce0da82887fce6748caa0cd005
43a32cbb7cf8d5186d99f245bbb3ce0c578be4f3
eff2b341ff03249262f314d9527c98f30778a6192e1c5cd7716dc130d7a8ff12

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 139293
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="quote-worker.1ac00aeec6a8b8d4.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:56 GMT
etag: W/"63c3a4ce0da82887fce6748caa0cd005"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::xht85-1714023596651-a6559c8ef88a
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWnVaE.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWnVaE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19572, version 1.0
Size
20 kB (19572 bytes)
Hash
24ad3fea714cb5e100aa16f832531bf3
a5475cd37afb39fc2472ef8391a4a3fd900122eb
7196c3002f08704f9f99de95b6357969a512eaa9a766eee693921dce72927cea

HTTP Headers

GET /s/kanit/v15/nKKU-Go6G5tXcr5KPxWnVaE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19572
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:40:12 GMT
expires: Fri, 25 Apr 2025 02:40:12 GMT
cache-control: public, max-age=31536000
age: 10785
last-modified: Thu, 20 Jul 2023 20:50:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWoVaF5NQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/2
fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWoVaF5NQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10572, version 1.0
Size
11 kB (10572 bytes)
Hash
8a0a6eaf18306910de756b986bbef9b2
2eeca7d47e919a37d7ba91d4ecfec47da2019721
825df5cc06c5d4e5ace9ecc77ce4e06d83425e333ee13a35b0190df2e6a56d16

HTTP Headers

GET /s/kanit/v15/nKKU-Go6G5tXcr5KPxWoVaF5NQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10572
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 03:22:31 GMT
expires: Fri, 25 Apr 2025 03:22:31 GMT
cache-control: public, max-age=31536000
age: 8246
last-modified: Thu, 20 Jul 2023 20:50:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWpVaF5NQ.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/3
fonts.gstatic.com/s/kanit/v15/nKKU-Go6G5tXcr5KPxWpVaF5NQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19636, version 1.0
Size
20 kB (19636 bytes)
Hash
22aeb837a470326fe42ab217a37cea2a
46a4d8b6f9fc8f7bd2471be93a63fed40126e415
ae193f732cb0b2f333c561c7fb758f3a83e841a79da350e7030c492d3446fea9

HTTP Headers

GET /s/kanit/v15/nKKU-Go6G5tXcr5KPxWpVaF5NQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19636
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:54:07 GMT
expires: Fri, 25 Apr 2025 02:54:07 GMT
cache-control: public, max-age=31536000
age: 9950
last-modified: Thu, 20 Jul 2023 20:54:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

assets.pancakeswap.finance/web/wallets/binance.png

104.26.3.169

200 OK

1.6 kB

URL GET HTTP/2
assets.pancakeswap.finance/web/wallets/binance.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 150 x 150, 8-bit colormap, non-interlaced
Size
1.6 kB (1588 bytes)
Hash
355630229f4891e998c71d378b7a4e16
0a2c961f6fefb268075675fa3cab150c100157e9
820f2729d566b9d78993e53ec403b1b84def82ea1a181adce24ed558f7d58c5e

HTTP Headers

GET /web/wallets/binance.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 1588
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "5c6735d127234cb2d01c5a96a1eb48c8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BMgj2X%2B6lBtW47HaUmSqrqYjSiFu5m8M%2BA1pdbAJHcgLy9OZjNZN9OZjWinLGHLAg0KyQNNHOFlkMVQ%2FPoA%2FGBhdJEzeiQ5EgUTFyvEYma0uAYPt%2B3MW8ILdNCH%2FAt%2F3JiZqHF3mQ7%2B%2BL7bOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 162
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedacc7756c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets.pancakeswap.finance/web/wallets/trust.png

104.26.3.169

200 OK

2.2 kB

URL GET HTTP/2
assets.pancakeswap.finance/web/wallets/trust.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 150 x 150, 8-bit colormap, non-interlaced
Size
2.2 kB (2177 bytes)
Hash
a5c44f3a69730488cf69035aa91acdfa
74c6ccff8f5c3227d0216f63fd9a9000205ae011
c0a5155f81490256cb607244e502bbd86998e6e3c5c826cfd3fa86fb2993c739

HTTP Headers

GET /web/wallets/trust.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 2177
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "62f570988d31ae1821180d7c1b61ef8f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHwtXZTSju3V7xRsxoCsRJR0qpmAaRoVNAIysTW9H1bA%2F3HfkLdFhMLAPmXutf9pptKWRP3fOyQYpPDVYYfgpaHDOq4EA8vGHccqcV6RVXM0h3GuMvkhDUDf%2Fvr3FuL58mjT7TE3lUz2Y601XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5536
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedacc7856c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets.pancakeswap.finance/web/wallets/opera.png

104.26.3.169

200 OK

3.3 kB

URL GET HTTP/2
assets.pancakeswap.finance/web/wallets/opera.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 150 x 150, 8-bit colormap, non-interlaced
Size
3.3 kB (3287 bytes)
Hash
b8c2ee0a8b6673889f895e1c5ffed2c6
a2a4069ababd5db01f0b3d8fd4392964e1c334e1
3a93e883601c13e72381165bd035155f531e30560acd737401d4ac93053b9be5

HTTP Headers

GET /web/wallets/opera.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 3287
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a3bf28b12102f3e4cf1ccaa356175d44"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzVKLRRpGYT3OmLKraSFI6YY4j7%2B1FWCLKCqxjyf1ISMXwsx8iuyIgaTayZ4OlaGeg7fHhfZglP7ShJpujkUi%2BwjoGaym5MsvJc4Zmdu4NsnsIBPaOcjcCZed7yWEP3Wtatl0tSAhj8YHlwsZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5536
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedacc7956c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1518-807be149c1b04211.js

76.76.21.22

200 OK

9.7 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/1518-807be149c1b04211.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (10590)
Size
9.7 kB (9671 bytes)
Hash
3f46977d9b0661718797f9f6a81def97
7827f12721ec5a28d8fc5164f18ad9457c59b6a7
099d9417752b9ce255dfb29a959d0dc91a2baaa6ac71b8d9e408e7ff87044ba8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1518-807be149c1b04211.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 90355
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1518-807be149c1b04211.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"3f46977d9b0661718797f9f6a81def97"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/1518-807be149c1b04211.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::nl8ss-1714023594824-4fae0d878210
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/css/f15ae5acfa72202a.css

76.76.21.22

200 OK

18 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/css/f15ae5acfa72202a.css
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
18 kB (17852 bytes)
Hash
40eb3e05a48057f33a952ad321a0a9c5
dd84ac5bb29de4c4987f4b51f226488bb8f3bd34
4f9445c8e4d2c918dbe08691d7efd12dbc63b6c0c0c85846fb7c5d35e45bc3fd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/f15ae5acfa72202a.css HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 638887
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="f15ae5acfa72202a.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"40eb3e05a48057f33a952ad321a0a9c5"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/css/f15ae5acfa72202a.css
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::5kwgd-1714023594829-c26bbcdb6972
X-Firefox-Spdy: h2

assets.pancakeswap.finance/web/wallets/walletconnect.png

104.26.3.169

200 OK

1.6 kB

URL GET HTTP/2
assets.pancakeswap.finance/web/wallets/walletconnect.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 150 x 150, 8-bit colormap, non-interlaced
Size
1.6 kB (1580 bytes)
Hash
78af89866774086b393a771bf2dc0eca
5f708af6b8f0586466aa0fe022d4e6b6ecfa07bf
7cfe65f11aafe9006a6ef242ce1b12374c571fdb919aa089acc7ccf9052aa5a5

HTTP Headers

GET /web/wallets/walletconnect.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 1580
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ef943e7c5cf7b187cf20a8c6308a03ac"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNB3RsAwo%2BnIaei0uDUCwtcFRbjjmzSCVyB025kQNpCrwXGSkNHhw1p01ywAZBbd3yJ2%2Bue1WAoAobBJqZR0QvV8DPWma8nk5Dc14LPrhGgJ7CwLl3RtubWNsMkNIN7Kvrw52W%2BxMvSyBNdBHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5536
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedadc8756c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets.pancakeswap.finance/web/wallets/coinbase.png

104.26.3.169

200 OK

2.1 kB

URL GET HTTP/2
assets.pancakeswap.finance/web/wallets/coinbase.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 150 x 150, 8-bit colormap, non-interlaced
Size
2.1 kB (2135 bytes)
Hash
851ec2ffeb2f50e208bc1ff7c32c87d9
2ac03d14ca3e43b8a650adb46e386be7f6ff177a
29846f0225d4caa8399bc44926889b023b6f5fd7e92666bd31170273716768da

HTTP Headers

GET /web/wallets/coinbase.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 2135
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "37d02187a2f00581e51815d50b840da5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ts57Ziw4mxGA9LM72jcaezLeZjWERICjx5KFp3GaIAU5cgKrScIO8eCsiTNIq1RM2M0Zq6iOewqsBkQyKCRmDMhO8hRaOYaTlrmDSIT5vp0OWqBOS1%2FzVOX%2FArNetFTlZVVGUm3Mh%2FtFo8MHxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5536
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedadc8556c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets.pancakeswap.finance/web/wallets/ledger.png

104.26.3.169

200 OK

1.1 kB

URL GET HTTP/2
assets.pancakeswap.finance/web/wallets/ledger.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 150 x 150, 8-bit gray+alpha, non-interlaced
Size
1.1 kB (1061 bytes)
Hash
05c6aca3b2fc8f03e01b480dc905625b
1aff06fe61565ce1951622b1759a5889f81e61bb
9f515d462e131ea77573fca64bb2a138dc497434b928c372ecdf8a83e33217df

HTTP Headers

GET /web/wallets/ledger.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 1061
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "fc5d6f0a18bc8c7811331e13d9d7c96f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V42tCBKXSCJE0S4J5a4u36T8auwPIqd1feFNNFJOs0ezPNuLae6FDNO%2FZEPhBR6O3UukzkN8K3Sg4iR9t59dufnSEAmWZpKkPAchxhmcTZkfuDw1dN6sRCin%2Bds07XhKMg7S%2BOV3CXSwLvlm4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedacc7f56c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hub.snapshot.org/graphql

104.26.13.125

204 No Content

0 B

URL OPTIONS HTTP/2
hub.snapshot.org/graphql
IP
104.26.13.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjecthub.snapshot.org
Fingerprint51:92:07:17:6E:EC:8E:CB:EB:58:16:46:A8:FD:FD:5C:48:F4:F4:69
ValiditySat, 30 Mar 2024 23:28:55 GMT - Fri, 28 Jun 2024 23:28:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: hub.snapshot.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:39:57 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
access-control-max-age: 86400
x-do-app-origin: 9134fcd0-e6bb-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tjHutgXVAgbLFDuMx%2BLuktmiM6TJ3vnCvFvGWez8LhqNL5myp4hGUWwnohYYyVyiXH18pJ9i2Lvr3R%2BeB1uh944aBUpKVL8Non9MDaJgPdbcW4doXXyE1LrQWH9MlyiS2kQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879bfedaaa50b529-OSL
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:39:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

bsc.nodereal.io/

63.34.132.130

204 No Content

0 B

URL OPTIONS HTTP/2
bsc.nodereal.io/
IP
63.34.132.130:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subject*.nodereal.io
FingerprintE2:BA:1B:DF:1A:53:74:10:1A:57:6C:98:A6:1B:C1:1F:5B:50:0B:B2
ValiditySun, 14 Jan 2024 00:00:00 GMT - Wed, 12 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc.nodereal.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:39:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:39:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

api.thegraph.com/index-node/graphql

104.18.40.31

200 OK

0 B

URL POST HTTP/2
api.thegraph.com/index-node/graphql
IP
104.18.40.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjectthegraph.com
Fingerprint6B:E2:7C:AD:D8:69:7D:09:92:A6:9D:9D:C2:6D:25:DF:03:57:C5:AC
ValidityFri, 19 Apr 2024 23:12:54 GMT - Thu, 18 Jul 2024 23:12:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /index-node/graphql HTTP/1.1
Host: api.thegraph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: text/plain
content-length: 0
cf-ray: 879bfedaaea6b4f7-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: Content-Type, User-Agent
access-control-allow-methods: GET, OPTIONS, POST
set-cookie: __cf_bm=07WoElhkapsjloTEN1AZjDvsM.HTbsW43KGkmrPxFZg-1714023597-1.0.1.1-NehT5yXRGXfp.rPn_BNThuvJi2CZTF0PJs_.WTZvWo51MkLGEfIeNCBR5AgxR0SHG.Kh2ugXjkII07ZRin_jAg; path=/; expires=Thu, 25-Apr-24 06:09:57 GMT; domain=.thegraph.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

hub.snapshot.org/graphql

104.26.13.125

204 No Content

25 B

URL OPTIONS HTTP/2
hub.snapshot.org/graphql
IP
104.26.13.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjecthub.snapshot.org
Fingerprint51:92:07:17:6E:EC:8E:CB:EB:58:16:46:A8:FD:FD:5C:48:F4:F4:69
ValiditySat, 30 Mar 2024 23:28:55 GMT - Fri, 28 Jun 2024 23:28:54 GMT

File type
JSON text data
Size
25 B (25 bytes)
Hash
cdc8512ced83004a90115850c9b5608b
b6eb57230b2dc1f0e7ba40ab793e36bda69eed09
699671a256296a7dda710792eb11c9dc11bb7087387f2ef3057e17e5e669cda4

HTTP Headers

POST /graphql HTTP/1.1
Host: hub.snapshot.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
content-type: application/json
Content-Length: 629
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: application/json; charset=utf-8
content-length: 25
access-control-allow-origin: *
ratelimit-policy: 100;w=60
ratelimit-limit: 100
ratelimit-remaining: 99
ratelimit-reset: 60
etag: W/"19-tutXIwstwfDnukCreT42vaae7Qk"
x-do-app-origin: 9134fcd0-e6bb-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFEYhck9gxYkG9Gqgr4qIrMjnwZpOIeGRd1vmJVVHtu9n%2FFaNdRT6g9hSfFvfKTHM09PkQXJrpfyyhV%2FiXCtKQP3JGKcZ2lWS10USt5B%2F%2BhUQN8iX1ML2jppUiEsph6%2BwtM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879bfedbeb34b529-OSL
X-Firefox-Spdy: h2

assets.pancakeswap.finance/web/chains/1.png

104.26.3.169

200 OK

1.2 kB

URL GET HTTP/3
assets.pancakeswap.finance/web/chains/1.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced
Size
1.2 kB (1179 bytes)
Hash
236ecd183d696e37d949d8cf70a2bbd5
8eaa89051b171e1a35e226ca5d2eba058f7a6253
4540f0e53f6ed66e0dea773269c2b0d5698ebb1f7025cafe2358d6b78ac421d6

HTTP Headers

GET /web/chains/1.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 1179
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "27a3beb7256d43dbe9c6e41a4550d156"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BdvzhyI5NnpjIqVvZcvIH2vdoS%2F41VDl1sbYtYIzyUoTpRxQKK1bzkfLZhGxsq75r6DIMkd76dEe7Ccex0JB2zeRHljHJ4yjy5UNk9YP7b2PvRZlGlvbsHQRpzZ9hKZIU%2F1Mc5HWoNCcA7m3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5538
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedd2f7656cb-OSL
alt-svc: h3=":443"; ma=86400

assets.pancakeswap.finance/web/chains/56.png

104.26.3.169

200 OK

1.2 kB

URL GET HTTP/3
assets.pancakeswap.finance/web/chains/56.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced
Size
1.2 kB (1158 bytes)
Hash
241ddcd7ff9541b1839703882d91d404
5b6ada17f54077b5e020d91af0c8ebe99b06bb88
8b7f54e9045d2beca6b4d124b97c84b9c2e84d14c709b6f3b160fae209ff08e0

HTTP Headers

GET /web/chains/56.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 1158
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "2eba283c17774595a0733544bc896fba"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf28G9Oq8uq3HDegoraP4oRWR4%2BDgYDQTWwcc94l7AtxmAvZY3tBHKARor%2FQk%2FAnrmBlSOhE27LbovOcuuITAkTd00byq%2BKrpoNV7RwS7wjp1uK73S%2FLvUJhhPdaFZwivnKxEnwz%2FRYYR9j43A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5538
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedd2f7556cb-OSL
alt-svc: h3=":443"; ma=86400

assets.pancakeswap.finance/web/chains/324.png

104.26.3.169

200 OK

738 B

URL GET HTTP/3
assets.pancakeswap.finance/web/chains/324.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
738 B (738 bytes)
Hash
140504c38ceb01bbbe1632ebfd047ec5
f301254d5972ead4839dad92b9c322dde76a6e75
ad9d9c13aed41cdaaa4749bb6337aced91d1fe7ad378e1e1ac5525a706a21fe0

HTTP Headers

GET /web/chains/324.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 738
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "141f703bc2926deca57513a5c3c8eb04"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3abSMnwVKxIFYCTz4NZS22RBt6H8YtPqQrYp8NR2Ffhdai3EgZ6JRxfZfNHfXLVJI95RKlmvthbwxo7vbXx6HqhpEiBNqMO6uIw9PHnNxVUbF%2BlCBaCXPFQuU3kOp4jFrSn9r6ey0qPZQ1alBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5538
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedd2f7756cb-OSL
alt-svc: h3=":443"; ma=86400

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/images/decorations/phishing-warning-bunny.webp

76.76.21.22

200 OK

4.9 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/images/decorations/phishing-warning-bunny.webp
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.9 kB (4850 bytes)
Hash
c73199f7cfd8a30afa8182b0b5d9e2e5
52a839df66e697b6a63c609fc3f978bf43b5edae
bae96bf0ec8c48d43751e0a3be260ce9c57feaf129b80f6e6dea7f1612c8dd39

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/decorations/phishing-warning-bunny.webp HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 90360
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="phishing-warning-bunny.webp"
content-type: image/webp
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: "c73199f7cfd8a30afa8182b0b5d9e2e5"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /images/decorations/phishing-warning-bunny.webp
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::vht4j-1714023597627-4e094fda5177
content-length: 4850
X-Firefox-Spdy: h2

assets.pancakeswap.finance/web/chains/1101.png

104.26.3.169

200 OK

86 kB

URL GET HTTP/3
assets.pancakeswap.finance/web/chains/1101.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced
Size
86 kB (86383 bytes)
Hash
8d6cd83ec34994330abbebd0a65c2f7b
9a84b286c689dba40169902e89a36022a474371e
476e4017b3f83e891214f87e60bcfcd1624f905065f436f745491222f0736f6a

HTTP Headers

GET /web/chains/1101.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 86383
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "7e76b94cdc0f9628ecef8c8bb234f3ba"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qoa2WTvXokOlmO%2FrErfDqQiTCeUA1qXXc%2BTJEzNV2cK90%2FRJGhpn%2BsgpkDckyytSwFybVsWo0EWk6G6SdZYD3OlPbV4n2KFsQbaancQiJIvAcaoS%2FHTevfqBs9Euw%2B7Al%2FjGc18oCKZ5DAVXcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5538
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedd2f7a56cb-OSL
alt-svc: h3=":443"; ma=86400

assets.pancakeswap.finance/web/chains/59140.png

104.26.3.169

200 OK

4.0 kB

URL GET HTTP/3
assets.pancakeswap.finance/web/chains/59140.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced
Size
4.0 kB (4007 bytes)
Hash
1ceb847edb47e9c5c20a1fb57a1f7deb
828fdeffb61d6e22b516daf84e6471692bc2a4e7
d278067eb81dbb2506b25e1fc008f941ccb491c1d1bad680482661119209f346

HTTP Headers

GET /web/chains/59140.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 4007
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "6f83df69f71339cb5769c76cd3cc84d5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZaLM7NxR5L8degC%2BC9hDnI7Cilx9kH4g06bvW2ibTh5bfJ4p53hC1oY3CDIwmgEIfKOCGs1zeJEXWIzvWnNLXUDcdXjlKCu0geeGAlKxCLl9G4cxyfAf8sSq20pMwAoptG4cyWhrT0HGw2pYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 161
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedd2f7c56cb-OSL
alt-svc: h3=":443"; ma=86400

assets.pancakeswap.finance/web/chains/4002.png

104.26.3.169

404 Not Found

0 B

URL GET HTTP/3
assets.pancakeswap.finance/web/chains/4002.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web/chains/4002.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 05:39:57 GMT
content-length: 0
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xc8ap5jLSuWQbcVlb3FjkfId2jUk%2F3wCUhkS0icFXK3zpfTPHpzQRkpn%2FVqKCmc%2BEqVCOwWLj8M4HIkeuRydn4PPK3xJBac5ERjljzdh493QpJaW8%2F%2F1koH3NCYa3hHfqt3XHHCFyg8QmNrCRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 161
server: cloudflare
cf-ray: 879bfedd2f7d56cb-OSL
alt-svc: h3=":443"; ma=86400

relay.walletconnect.com/?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtxQjd2U0tMUWpXczlTemV2N2JuTmR3TEVZWlhBeEdOUVAxa1VLMWd6SnlaNiIsInN1YiI6IjZhYTJhNTgxOWRlOGY0ODdlODU0ZjU3M2ZhMTNjNGRjMTQzZTMzNmM5MDNlZjQ3Mzc1OTRmOGY0MTcyYTRkZWIiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.j7ft8emA0B6664s-pb3JZ6b331sU4gCWsMZJAf5sE1Sny4KGnfb3b3YYR9XuxJq1OUu3ZS-keGnOcwPn95vWCA&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true

3.126.230.177

0 B

URL
relay.walletconnect.com/?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtxQjd2U0tMUWpXczlTemV2N2JuTmR3TEVZWlhBeEdOUVAxa1VLMWd6SnlaNiIsInN1YiI6IjZhYTJhNTgxOWRlOGY0ODdlODU0ZjU3M2ZhMTNjNGRjMTQzZTMzNmM5MDNlZjQ3Mzc1OTRmOGY0MTcyYTRkZWIiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.j7ft8emA0B6664s-pb3JZ6b331sU4gCWsMZJAf5sE1Sny4KGnfb3b3YYR9XuxJq1OUu3ZS-keGnOcwPn95vWCA&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true
IP
3.126.230.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtxQjd2U0tMUWpXczlTemV2N2JuTmR3TEVZWlhBeEdOUVAxa1VLMWd6SnlaNiIsInN1YiI6IjZhYTJhNTgxOWRlOGY0ODdlODU0ZjU3M2ZhMTNjNGRjMTQzZTMzNmM5MDNlZjQ3Mzc1OTRmOGY0MTcyYTRkZWIiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.j7ft8emA0B6664s-pb3JZ6b331sU4gCWsMZJAf5sE1Sny4KGnfb3b3YYR9XuxJq1OUu3ZS-keGnOcwPn95vWCA&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true HTTP/1.1
Host: relay.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YBkSwA7Wa2GX7wBCln4rsg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
connection: upgrade
upgrade: websocket
sec-websocket-accept: mqXjzcB1q1r+rs3aC5pf/43BwWo=
date: Thu, 25 Apr 2024 05:39:56 GMT

aptos.pancakeswap.finance/images/apt.png

104.26.3.169

200 OK

808 B

URL GET HTTP/2
aptos.pancakeswap.finance/images/apt.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintCA:F7:DB:93:BF:AB:FF:53:F2:3D:11:7D:D7:8C:62:B7:F4:3B:80:3F
ValidityMon, 12 Jun 2023 00:00:00 GMT - Tue, 11 Jun 2024 23:59:59 GMT

File type
PNG image data, 72 x 72, 8-bit colormap, non-interlaced
Size
808 B (808 bytes)
Hash
74168d688d61e90d33aa8c00dbc38d76
9dba71d2bd1ae649f81a36a966faad7049cf705a
260092dadbeeabbf5bc49e2cec9342dcdc2e0a561d9dc24cb290eab6021ec7b4

HTTP Headers

GET /images/apt.png HTTP/1.1
Host: aptos.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 808
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="apt.png"
etag: "74168d688d61e90d33aa8c00dbc38d76"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /images/apt.png
x-vercel-cache: HIT
x-vercel-id: arn1::mf2g5-1713473669513-e69b264488af
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tadWBwa954MB7RKP9S5%2FNw1nWKDQeq6qmCZebHDDHO%2FgRcXuKUJ2lEgla3Juv89WFeuWvxMVxFcfqm7CgGtwx1%2BCikiN4A163l%2FTuDkl%2F%2F%2BmUvCM8bkFId3mE6FBo8sfnSLK9afzg5Fe7%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879bfedd781b5696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/images/decorations/3d-syrup-bunnies.png

76.76.21.22

200 OK

60 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/images/decorations/3d-syrup-bunnies.png
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
PNG image data, 256 x 247, 8-bit/color RGBA, non-interlaced
Size
60 kB (59936 bytes)
Hash
09db923498b0a85687d830350d4e9a61
11d183db0f859ad8a25e52767dd2cd97600474ed
0e39a05e1f5431c1cc7b5f6a14a6e32588dc7d0e98b1538acd276b93567b2147

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/decorations/3d-syrup-bunnies.png HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 36148
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="3d-syrup-bunnies.png"
content-type: image/png
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: "09db923498b0a85687d830350d4e9a61"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /images/decorations/3d-syrup-bunnies.png
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::fz7c8-1714023597711-ba96a4968fed
content-length: 59936
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:39:57 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

relay.walletconnect.com/?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtycGdSdnZYUVFKRVNiektSR25RY1Y1d01pQVVNTlptVGNYNlZzQ2pZR0JDVyIsInN1YiI6IjkyNWZkN2NkMDE3NTU0MDliMmJkNmFkODZjYTZkNjIxOWFjZGNhNzFjN2NlNGU1MGE3ZTIzMGJiYTQyZGVlODAiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.B0s21aZx3-KrrPbj8G6wKRix4Kh7ZbxN5hgdqYowG9C03a7Rk954DqkHoEhFhXsnDGCu3ZQOdWafs4RDwHFqCQ&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true

3.126.230.177

0 B

URL
relay.walletconnect.com/?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtycGdSdnZYUVFKRVNiektSR25RY1Y1d01pQVVNTlptVGNYNlZzQ2pZR0JDVyIsInN1YiI6IjkyNWZkN2NkMDE3NTU0MDliMmJkNmFkODZjYTZkNjIxOWFjZGNhNzFjN2NlNGU1MGE3ZTIzMGJiYTQyZGVlODAiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.B0s21aZx3-KrrPbj8G6wKRix4Kh7ZbxN5hgdqYowG9C03a7Rk954DqkHoEhFhXsnDGCu3ZQOdWafs4RDwHFqCQ&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true
IP
3.126.230.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtycGdSdnZYUVFKRVNiektSR25RY1Y1d01pQVVNTlptVGNYNlZzQ2pZR0JDVyIsInN1YiI6IjkyNWZkN2NkMDE3NTU0MDliMmJkNmFkODZjYTZkNjIxOWFjZGNhNzFjN2NlNGU1MGE3ZTIzMGJiYTQyZGVlODAiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.B0s21aZx3-KrrPbj8G6wKRix4Kh7ZbxN5hgdqYowG9C03a7Rk954DqkHoEhFhXsnDGCu3ZQOdWafs4RDwHFqCQ&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true HTTP/1.1
Host: relay.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pITJOZLElMzfgRLIJmAMXA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
connection: upgrade
upgrade: websocket
sec-websocket-accept: GdW9iX19+rrF5RCSA8aIUZ/+j8Q=
date: Thu, 25 Apr 2024 05:39:56 GMT

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

4.2 kB

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type
JSON text data
Size
4.2 kB (4197 bytes)
Hash
3419d0d732fab64ee8856b197a230079
52cddac8e0672768afbe0973a23665e6004e5c14
890203197811ae134c211f3237cd4d825911c702c7a6b300d04f5e43a6910406

HTTP Headers

POST / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Content-Type: application/json
Content-Length: 1800
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: 00000000000000000000000000000000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:39:58 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-334KNG3DMQ&l=dataLayer&cx=c

142.250.74.168

200 OK

97 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-334KNG3DMQ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
97 kB (96984 bytes)
Hash
88a0219df506a991153a7c9906afd14e
831fa55fe3659d92fc64c7f93420df8f7a4daa9c
bc1d09176c0252d72c5647608fbbbcfcf01a89b7c2b0f20d67cf7cbad3592074

HTTP Headers

GET /gtag/js?id=G-334KNG3DMQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 05:39:58 GMT
expires: Thu, 25 Apr 2024 05:39:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.walletlink.org/rpc

104.18.37.8

0 B

URL
www.walletlink.org/rpc
IP
104.18.37.8:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rpc HTTP/1.1
Host: www.walletlink.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Yelb2kt2bfwX+lFRdJ3g+g==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Thu, 25 Apr 2024 05:39:58 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1tx1MZb2hBBDUsHgPREFN0cZG3s=
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=rXuHQmfSo5AQlBgtRwouIpqA_eU7rTU4017l5LAHoPs-1714023598-1.0.1.1-pR5.EOZOlXtLMR3QG7CSev_52ViZhXtVjriUMSmit4miH4z7yKovivzmtcE2kubkUZVKa5NK6wfQn89LTKG4Ow; path=/; expires=Thu, 25-Apr-24 06:09:58 GMT; domain=.walletlink.org; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 879bfedddeda7131-OSL

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

120 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type
JSON text data
Size
120 B (120 bytes)
Hash
4384c18edf554a2fe654376d309faab1
87fe22eeb37573b1f755a372dda01aad069832a4
d850aae2e7fbdb693dbe0774a63a7429704c663e1c418511330334dd2a462817

HTTP Headers

POST / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Content-Type: application/json
Content-Length: 1032
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:58 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: 00000000000000000000000000000000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/worker-chunks-ed675b153cc8567b.js

76.76.21.22

200 OK

253 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/worker-chunks-ed675b153cc8567b.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
253 kB (253156 bytes)
Hash
33d9bbcbcef3a9304bc8bcd2a6c9cecb
c3c9e58d36f1aad04dba2b03204b4cb0ef29b334
7fd9ce983f68bb663f6064458935dfd3af549941887c4a93a6085da7e4959592

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/worker-chunks-ed675b153cc8567b.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 638890
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="worker-chunks-ed675b153cc8567b.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"33d9bbcbcef3a9304bc8bcd2a6c9cecb"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/worker-chunks-ed675b153cc8567b.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::ws4sw-1714023597639-06b016985ca2
X-Firefox-Spdy: h2

tokens.pancakeswap.finance/cmc.json

104.26.2.169

200 OK

414 kB

URL GET HTTP/2
tokens.pancakeswap.finance/cmc.json
IP
104.26.2.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjecttokens.pancakeswap.finance
Fingerprint16:4E:75:1C:22:7A:65:1F:A3:EE:D9:84:E5:17:6B:94:18:D4:CB:75
ValidityTue, 02 Apr 2024 17:48:58 GMT - Mon, 01 Jul 2024 17:48:57 GMT

File type
JSON text data
Size
414 kB (413796 bytes)
Hash
2fe572f06d5051baa2ccd9f664963484
f0a0ce856c2e8356f0c2dad7b7ca5e215624fad5
2fe7a8899a8220c3c8019270ee0ce7d602526f2a0bd2311f8b04de6e715f4179

HTTP Headers

GET /cmc.json HTTP/1.1
Host: tokens.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:58 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f63eedff26a5bbfc2fdea60fd05839a7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVu6aK1WSosLDhx6oDlG4hYWnMVC7WZIYYi041kV62CZJo9CtFGgcq1YoW1Fr0zljtZk6zb%2FhmyZT6gWjZYw2SlOWHCZGzGzenmTksHjcTl%2FCtYIVF0s8YMXXKIB2PoV3DPh2QmVZpOV9ot2XA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 879bfedfa9a356c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hub.snapshot.org/graphql

104.26.13.125

204 No Content

0 B

URL OPTIONS HTTP/2
hub.snapshot.org/graphql
IP
104.26.13.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjecthub.snapshot.org
Fingerprint51:92:07:17:6E:EC:8E:CB:EB:58:16:46:A8:FD:FD:5C:48:F4:F4:69
ValiditySat, 30 Mar 2024 23:28:55 GMT - Fri, 28 Jun 2024 23:28:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: hub.snapshot.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:39:58 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type
access-control-max-age: 86400
x-do-app-origin: 9134fcd0-e6bb-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 204
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBHZo%2FGX6woBMOMr22IP79P92MXApyS1ks9TSAD73RXlQoVKRpZagGRHRSy3E3y44BNeKddpTUO7AbpnxtIkwxDM71BVe9AhWiB1EXQ5O9H767pi8NhdEPFQpNsv1acP6Aw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879bfee25fd3b529-OSL
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getDesktopListings?projectId=e542ff314e26ff34de2d4fba98db70bb&page=1&entries=9&version=2

104.18.27.46

200 OK

1.8 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getDesktopListings?projectId=e542ff314e26ff34de2d4fba98db70bb&page=1&entries=9&version=2
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
gzip compressed data, from Unix
Size
1.8 kB (1776 bytes)
Hash
c504b1488cd5b9797c7fd7072b3718b5
efd2348d5165f7a4f15e66379d7bcdb80df99026
d4c4bf5320e4383ba8390cc0cf359c448d1a4ec4d97e526de9fc25d6226949e2

HTTP Headers

GET /w3m/v1/getDesktopListings?projectId=e542ff314e26ff34de2d4fba98db70bb&page=1&entries=9&version=2 HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:58 GMT
content-type: application/json; charset=utf-8
cf-ray: 879bfee02c8656a4-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 160
cache-control: public, max-age=43200
expires: Thu, 25 Apr 2024 17:39:58 GMT
last-modified: Thu, 25 Apr 2024 05:37:18 GMT
vary: Accept-Encoding
x-robots-tag: noindex
set-cookie: __cf_bm=EABDwKDn.NZaqdNuWijBWgFsk_qUdFGWa2l_oUr.PIs-1714023598-1.0.1.1-EY68bpiLxZPLceX34TSzImvvRurf_gsrlzc8P.YDNDvlHlLNgOTxeo6rSePDpn8YL1a9zUj_RTHD0a2VQzkynA; path=/; expires=Thu, 25-Apr-24 06:09:58 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

108 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type
JSON text data
Size
108 B (108 bytes)
Hash
1c938da0fe74213ad2ec85dd4bab2608
d95bfb22c2da4244f296acc737bb30e75baf7122
1bf221174d125393afea3877676299968d827542d9d4f1028264ac29e521c8fb

HTTP Headers

POST / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Content-Type: application/json
Content-Length: 1800
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:58 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: 00000000000000000000000000000000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-334KNG3DMQ&gtm=45je44o0v873867766z8834067533za200&_p=1714023596674&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=373164024.1714023598&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714023598&sct=1&seg=0&dl=https%3A%2F%2Fpay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app%2Framps&dt=PancakeSwap&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3873

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-334KNG3DMQ&gtm=45je44o0v873867766z8834067533za200&_p=1714023596674&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=373164024.1714023598&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714023598&sct=1&seg=0&dl=https%3A%2F%2Fpay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app%2Framps&dt=PancakeSwap&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3873
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-334KNG3DMQ&gtm=45je44o0v873867766z8834067533za200&_p=1714023596674&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=373164024.1714023598&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714023598&sct=1&seg=0&dl=https%3A%2F%2Fpay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app%2Framps&dt=PancakeSwap&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3873 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
date: Thu, 25 Apr 2024 05:39:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-334KNG3DMQ&cid=373164024.1714023598&gtm=45je44o0v873867766z8834067533za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1549604948

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-334KNG3DMQ&cid=373164024.1714023598&gtm=45je44o0v873867766z8834067533za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1549604948
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D
ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-334KNG3DMQ&cid=373164024.1714023598&gtm=45je44o0v873867766z8834067533za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1549604948 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Apr 2024 05:39:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getWalletImage/9f259366-0bcd-4817-0af9-f78773e41900?projectId=e542ff314e26ff34de2d4fba98db70bb

104.18.27.46

200 OK

7.2 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getWalletImage/9f259366-0bcd-4817-0af9-f78773e41900?projectId=e542ff314e26ff34de2d4fba98db70bb
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.2 kB (7170 bytes)
Hash
342152b7fdcb21b38fb77d6b55dab77b
c98e9cc318eef9dbe98df17fe6c3afc699dbee33
a1962f56716c3fc8e93e593dd611f7b45a8632bacf8df45b56f9dcc5b3c10958

HTTP Headers

GET /w3m/v1/getWalletImage/9f259366-0bcd-4817-0af9-f78773e41900?projectId=e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: image/webp
content-length: 7170
cf-ray: 879bfee7ea9eb4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 41318
cache-control: public, max-age=31536000
etag: "cftQTt3un0HlQqBazMK6bKNWLiUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 25 Apr 2025 05:39:59 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=19+0 c=2+29 v=2023.9.8 l=7170
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
set-cookie: __cf_bm=0LXQfqSUDWjBukbyNvMXt9nHtEOaJisDrvPn1Zygizs-1714023599-1.0.1.1-o85gACMV0IKpnse4B_g8b7hpdZLkfex4p3d.kCZHuq_eRBwOq2EuI73N8SiMZqEX30zLpYhhgmGRjc8ZqtP4nQ; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getWalletImage/73f6f52f-7862-49e7-bb85-ba93ab72cc00?projectId=e542ff314e26ff34de2d4fba98db70bb

104.18.27.46

200 OK

2.8 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getWalletImage/73f6f52f-7862-49e7-bb85-ba93ab72cc00?projectId=e542ff314e26ff34de2d4fba98db70bb
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.8 kB (2762 bytes)
Hash
f5c89ff82dee2a99c7fd3d8c2572cadb
f508f5771e1d44c1b018f9b76c0059bfaf661cfb
cb9fb4000086474f84dcae9a54dd2862d09878bc505f1d4b5525755a5723eca9

HTTP Headers

GET /w3m/v1/getWalletImage/73f6f52f-7862-49e7-bb85-ba93ab72cc00?projectId=e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: image/webp
content-length: 2762
cf-ray: 879bfee7ea9ab4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 41386
cache-control: public, max-age=31536000
etag: "cfRMNMx7h0m2-_fAD9P7SygyPPUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 25 Apr 2025 05:39:59 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=28+0 c=1+19 v=2024.3.2 l=2762
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
set-cookie: __cf_bm=OHOdAexhjhsf.9YFQEVXMa0BAgi8_ZhL.mDPl5fbZ6o-1714023599-1.0.1.1-aDkp7E.g90h_H9gdS428NzCQuPyDwqUjEtO_1eeM22NnNIJBHYUUSQG6YQ.nqfm9JhMiqHFhxLGKJTaD4JabFQ; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getWalletImage/204b2240-5ce4-4996-6ec4-f06a22726900?projectId=e542ff314e26ff34de2d4fba98db70bb

104.18.27.46

200 OK

9.3 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getWalletImage/204b2240-5ce4-4996-6ec4-f06a22726900?projectId=e542ff314e26ff34de2d4fba98db70bb
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.3 kB (9300 bytes)
Hash
f8d4c3c7b0a8ffc1da0f3fddeb9df5f0
e9656a24390cdddef52d3190e7059dedbef85d16
32efe5b98531569d4ee92ffd791b6c3ad191a5178b224377fc427918ae4e2caf

HTTP Headers

GET /w3m/v1/getWalletImage/204b2240-5ce4-4996-6ec4-f06a22726900?projectId=e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: image/webp
content-length: 9300
cf-ray: 879bfee7ea9fb4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 41318
cache-control: public, max-age=31536000
etag: "cfHSK7haDWQDA9lEEikk-9BEcPUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 25 Apr 2025 05:39:59 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=441+0 c=4+28 v=2024.3.2 l=9300
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
set-cookie: __cf_bm=K0Dph0wEFgjzC14q7UskrD05IDGjWW8eK0PB2RxI7Do-1714023599-1.0.1.1-qVdCsaopA_zMHJR.H5A6M.xeny4Bi_GnsaLDXN49S4WkEz.Ad2GASxcLOUQyqPpU7yuum3sh8y0XvraC6Ku.gw; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

tokens.pancakeswap.finance/pancakeswap-extended.json

104.26.2.169

200 OK

28 kB

URL GET HTTP/2
tokens.pancakeswap.finance/pancakeswap-extended.json
IP
104.26.2.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjecttokens.pancakeswap.finance
Fingerprint16:4E:75:1C:22:7A:65:1F:A3:EE:D9:84:E5:17:6B:94:18:D4:CB:75
ValidityTue, 02 Apr 2024 17:48:58 GMT - Mon, 01 Jul 2024 17:48:57 GMT

File type
JSON text data
Size
28 kB (27650 bytes)
Hash
40c72acaa6a350b18347e11618ba79bf
5ce40c4f923e05162d5eb4c6748dce208ccef6be
5e4082e2e92171ec2cc9adc36b81f4281e484486d86fe51b367e713cfa9f82bb

HTTP Headers

GET /pancakeswap-extended.json HTTP/1.1
Host: tokens.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:58 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e0435e8c440d2a657b231474d5cde1ff"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LV%2BPnU1jc8f5sPKcj31Erb8BsrjDwYq4KhoqwJvPlxaxxdWWLt%2BGOntqzrxawfbYeOn3sORKNe%2BxkL8p8OSynvAkrrbSjXsD0yFZMGCqyMTadwA1V0HRi7xmy7CEIH2We80iYdqXGWFROuMJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 879bfedfa99656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/worker-chunks-ed675b153cc8567b.js

76.76.21.22

200 OK

262 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/worker-chunks-ed675b153cc8567b.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
262 kB (262350 bytes)
Hash
33d9bbcbcef3a9304bc8bcd2a6c9cecb
c3c9e58d36f1aad04dba2b03204b4cb0ef29b334
7fd9ce983f68bb663f6064458935dfd3af549941887c4a93a6085da7e4959592

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/worker-chunks-ed675b153cc8567b.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 638889
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="worker-chunks-ed675b153cc8567b.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"33d9bbcbcef3a9304bc8bcd2a6c9cecb"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/worker-chunks-ed675b153cc8567b.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::vht4j-1714023597637-a11a2782d691
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getWalletImage/a7f416de-aa03-4c5e-3280-ab49269aef00?projectId=e542ff314e26ff34de2d4fba98db70bb

104.18.27.46

200 OK

2.1 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getWalletImage/a7f416de-aa03-4c5e-3280-ab49269aef00?projectId=e542ff314e26ff34de2d4fba98db70bb
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.1 kB (2090 bytes)
Hash
2052ea08b332c87388dc42097624cb20
8b82e1e2dd5a482ae90433c763b268b99f6cf093
11a824e4c63932ec7c2684c8c9554c84461efb5d731d15387d77bb5c3e78f9d5

HTTP Headers

GET /w3m/v1/getWalletImage/a7f416de-aa03-4c5e-3280-ab49269aef00?projectId=e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: image/webp
content-length: 2090
cf-ray: 879bfee7fab0b4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 23991
cache-control: public, max-age=31536000
etag: "cfeV6YXTHd_vyfarpvxqg62GCGUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 25 Apr 2025 05:39:59 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=271+0 c=0+23 v=2024.3.2 l=2090
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
set-cookie: __cf_bm=DWP.39TN2DllN0PErgZtwkaGsMwkCJt6iKEN73O4XxI-1714023599-1.0.1.1-ZkAkN5KWcdvTJ6GI24znZJ1c7hPsMu5Dd2EEAc2JJ6P1gwOqHt7uhMEejOa5PzNHxYyC1x0BDqXA5UhzO0ayZA; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getWalletImage/7e1514ba-932d-415d-1bdb-bccb6c2cbc00?projectId=e542ff314e26ff34de2d4fba98db70bb

104.18.27.46

200 OK

2.6 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getWalletImage/7e1514ba-932d-415d-1bdb-bccb6c2cbc00?projectId=e542ff314e26ff34de2d4fba98db70bb
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.6 kB (2632 bytes)
Hash
d62bfd6a0d4e300d8e50b60fbe10eab0
251de0bd2dba5194b0dc337e371b017f673d2b40
9407c0251bd7b695a38698d04bbb15514ed472e11797aef7793b9acb2b04fcff

HTTP Headers

GET /w3m/v1/getWalletImage/7e1514ba-932d-415d-1bdb-bccb6c2cbc00?projectId=e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: image/webp
content-length: 2632
cf-ray: 879bfee7fabbb4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 41318
cache-control: public, max-age=31536000
etag: "cfmeYviP6kCNFgjEWLRBgPUJnDUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 25 Apr 2025 05:39:59 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=21+0 c=0+17 v=2024.3.2 l=2632
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
set-cookie: __cf_bm=CBqGJN2M4G1ggAbmwJ0YlF79jFs92ih3cbfF6lAbwM0-1714023599-1.0.1.1-h4v.J3UxdBZazGeUIoeq7purMiPuy8lymvjUPpTP_pweuonsl7NcdnrMuAgDA6MZw.U_D23ngKmWzbcZrGOJQQ; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

3.9 kB

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type
JSON text data
Size
3.9 kB (3867 bytes)
Hash
55062d64705a2c86fe29be10d9f4bb18
13f497efe0a4143c730969ca5a1087c75e885c19
cf2b30911d655cabdb56970b23d166a21b1a93cc909079bd1ad8ba555d12cf06

HTTP Headers

POST / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Content-Type: application/json
Content-Length: 648
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:58 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: 00000000000000000000000000000000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getWalletImage/c39b3a16-1a38-4588-f089-cb7aeb584700?projectId=e542ff314e26ff34de2d4fba98db70bb

104.18.27.46

200 OK

5.1 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getWalletImage/c39b3a16-1a38-4588-f089-cb7aeb584700?projectId=e542ff314e26ff34de2d4fba98db70bb
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.1 kB (5054 bytes)
Hash
7cd3960a5002ec8ffd672267dbd184cf
9c353d573e5f9cb57df4068ced24b2455b6f3ddd
1562ed280e5486999bfa41e9eddf46996b078b54e14fff9748b427c793bc6969

HTTP Headers

GET /w3m/v1/getWalletImage/c39b3a16-1a38-4588-f089-cb7aeb584700?projectId=e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: image/webp
content-length: 5054
cf-ray: 879bfee7fabfb4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 41318
cache-control: public, max-age=31536000
etag: "cfzxenqWecI6yJVG_C8-69sArsUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 25 Apr 2025 05:39:59 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=1601+0 c=0+8 v=2024.3.2 l=5054
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
set-cookie: __cf_bm=m.0cRg7C4Z3yoksDavwmG0KCIZ7JByjtWjW9reK5d8Y-1714023599-1.0.1.1-09JxyM6AaXy2lYvzqYKYDgEBnl.QCwZ61r0t4QRD10DiIZRuz3.r6GUOkiYNUjjWdU6xkPtJXmfwa_jOSOemkg; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

151.101.128.176

154 B

URL
js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
IP
151.101.128.176:0
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with no line terminators
Size
154 B (154 bytes)
Hash
3437aaddcdf6922d623e172c2d6f9278
f69066cf20141ac93418102d3eee7c0225b8a623
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

HTTP Headers

GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 05:39:59 GMT
via: 1.1 varnish
age: 11552414
x-request-id: 8d8103c6-fe60-4dd9-8493-5311b756ef7a
x-served-by: cache-hel1410022-HEL
x-cache: HIT
x-cache-hits: 119014
vary: Accept-Encoding
timing-allow-origin: *
content-length: 154
X-Firefox-Spdy: h2

js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

151.101.128.176

200 OK

315 B

URL GET HTTP/2
js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
IP
151.101.128.176:443
ASN
#54113 FASTLY

Requested by
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fpay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app%2Framps&title=PancakeSwap&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate
IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (526), with no line terminators
Size
315 B (315 bytes)
Hash
d96c709017743c0759cf3853d1806ba5
72e21587610c49c8305a55e71f73fa88ed618205
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

HTTP Headers

GET /v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
etag: "d96c709017743c0759cf3853d1806ba5"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 05:39:59 GMT
via: 1.1 varnish
age: 10927757
x-request-id: 0395650b-de10-42af-bffc-c5d8d935afea
x-served-by: cache-hel1410022-HEL
x-cache: HIT
x-cache-hits: 116252
vary: Accept-Encoding
timing-allow-origin: *
content-length: 315
X-Firefox-Spdy: h2

m.stripe.network/inner.html

54.230.111.111

930 B

URL
m.stripe.network/inner.html
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (930), with no line terminators
Size
930 B (930 bytes)
Hash
06bfcd88af438673a8bf9b845a11aa6e
d024a745032cbe115526abe648d9fa0f0a10a681
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

HTTP Headers

GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
accept-ranges: bytes
server: Cloudfront
date: Thu, 25 Apr 2024 05:36:34 GMT
cache-control: max-age=300, public
etag: "06bfcd88af438673a8bf9b845a11aa6e"
vary: Accept-Encoding, Origin
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
age: 207
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bwHvPCVyDPlF-9dQvBkVCo5aKL9afZfWDnCkKiscXxt7pwq-wDxD2w==
X-Firefox-Spdy: h2

api.thegraph.com/subgraphs/name/pectoraux/ramps

104.18.40.31

200 OK

1.3 kB

URL OPTIONS HTTP/2
api.thegraph.com/subgraphs/name/pectoraux/ramps
IP
104.18.40.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjectthegraph.com
Fingerprint6B:E2:7C:AD:D8:69:7D:09:92:A6:9D:9D:C2:6D:25:DF:03:57:C5:AC
ValidityFri, 19 Apr 2024 23:12:54 GMT - Thu, 18 Jul 2024 23:12:53 GMT

File type
JSON text data
Size
1.3 kB (1340 bytes)
Hash
fdfa16aedca5734df6e161aa44272823
f717745e29339d2cdd6db31afa974f1b057bd686
567864cb89f7aad779710b8b3519a841d5a2c425219d9e21d23449377ef7bdec

HTTP Headers

POST /subgraphs/name/pectoraux/ramps HTTP/1.1
Host: api.thegraph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
content-type: application/json
Content-Length: 691
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:40:00 GMT
content-type: application/json
cf-ray: 879bfeea3a48b4f7-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: Content-Type, User-Agent
access-control-allow-methods: GET, OPTIONS, POST
graph-attestable: true
set-cookie: __cf_bm=ziFCDZz_U7UpDLKSw2kwwrpLQB6kLtoDIVjS8HgWb.I-1714023600-1.0.1.1-Nfp9_gQ..bcJNX.IXmV_1Caof1DhHSsVYaYkh.StU1yuDH0Mwf4EIRIAAXcoOiRqng8FNLUzrGzHe02tM_1gmw; path=/; expires=Thu, 25-Apr-24 06:10:00 GMT; domain=.thegraph.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

rpc.testnet.fantom.network/

164.90.175.140

200 OK

181 B

URL OPTIONS HTTP/1.1
rpc.testnet.fantom.network/
IP
164.90.175.140:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjectrpc.testnet.fantom.network
FingerprintA6:9A:87:58:69:B0:CA:5B:54:21:7C:28:8C:D0:02:BA:61:66:48:5C
ValiditySat, 09 Mar 2024 04:39:17 GMT - Fri, 07 Jun 2024 04:39:16 GMT

File type
JSON text data
Size
181 B (181 bytes)
Hash
b13f95b85c746550dbc8d928a11c748d
2d1dac4e797d75b6c6b78ecc15759982d51cc45a
940bc83d43e87f557c330ad41381216fbf557ad6347632b1290992203fbcf0d5

HTTP Headers

POST / HTTP/1.1
Host: rpc.testnet.fantom.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Content-Type: application/json
Content-Length: 1480
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 25 Apr 2024 05:40:00 GMT
Content-Type: application/json
Content-Length: 181
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Origin

api.thegraph.com/subgraphs/name/pectoraux/ramps

104.18.40.31

200 OK

15 kB

URL OPTIONS HTTP/2
api.thegraph.com/subgraphs/name/pectoraux/ramps
IP
104.18.40.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjectthegraph.com
Fingerprint6B:E2:7C:AD:D8:69:7D:09:92:A6:9D:9D:C2:6D:25:DF:03:57:C5:AC
ValidityFri, 19 Apr 2024 23:12:54 GMT - Thu, 18 Jul 2024 23:12:53 GMT

File type
data
Size
15 kB (14599 bytes)
Hash
ceb894d12d97e060f8c1dff34eaf2141
8a441c675f499869ba61a476b95762228629eecf
c3f17b607e87d9a20719f296998359949ac35bcc833701690fdb03f807f98b5b

HTTP Headers

OPTIONS /subgraphs/name/pectoraux/ramps HTTP/1.1
Host: api.thegraph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: text/html; charset=utf-8
cf-ray: 879bfee90972b4f7-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: Content-Type, User-Agent
access-control-allow-methods: GET, OPTIONS, POST
set-cookie: __cf_bm=MaNj2uswlkKsmaP68R9AJYcrGdQv3CRr3L3Ol3i9hqs-1714023599-1.0.1.1-geKFuO0k62X3gqNrspYpA6LXtVk.L306O3WsYac1Ykp4SBCD_qjC3UoDSfh.icBamHREU4j_o1v6ufNzHHD3ZA; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.thegraph.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

pancake-trading-fee-rebate-api.pancakeswap.com/api/v1/campaign/status/0/type/rb

76.76.21.164

500 Internal Server Error

56 B

URL GET HTTP/2
pancake-trading-fee-rebate-api.pancakeswap.com/api/v1/campaign/status/0/type/rb
IP
76.76.21.164:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjectpancake-trading-fee-rebate-api.pancakeswap.com
FingerprintA5:FC:37:2C:1A:5E:1C:05:39:EA:D0:56:25:28:0B:6C:A7:EF:C0:F3
ValiditySun, 31 Mar 2024 15:51:36 GMT - Sat, 29 Jun 2024 15:51:35 GMT

File type
ASCII text
Size
56 B (56 bytes)
Hash
2b6bca77cf7ed26b3abb200e2d0bd0ab
c86dda9b97300585e3c2d102725da0c4a9d16409
4b74840efef56a2c27780c7ad4b19c350eee08a3eaf4f7c93898cc66cc21180b

HTTP Headers

GET /api/v1/campaign/status/0/type/rb HTTP/1.1
Host: pancake-trading-fee-rebate-api.pancakeswap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 500 Internal Server Error
access-control-allow-headers: Accept, Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=0, must-revalidate
content-type: text/plain; charset=utf-8
date: Thu, 25 Apr 2024 05:40:02 GMT
pragma: no-cache
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-error: FUNCTION_INVOCATION_FAILED
x-vercel-id: arn1::pktqt-1714023597341-25aebebc86eb
content-length: 56
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:40:03 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:40:09 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

50 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type
JSON text data
Size
50 B (50 bytes)
Hash
ee440014b4231437149cb414db98a4f4
09e9839b836e0339642c5f97931721e1d846c360
e547c85f1ea9039dcf3ef8facecebdf9d3f9ae6a1f4fad55041248b71fa0adc4

HTTP Headers

POST / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Content-Type: application/json
Content-Length: 52
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:40:09 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: 00000000000000000000000000000000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2

bsc-dataseed1.defibit.io/

99.83.204.86

200 OK

0 B

URL POST HTTP/2
bsc-dataseed1.defibit.io/
IP
99.83.204.86:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectdefibit.io
FingerprintF7:D5:85:A1:FD:D2:03:6C:59:FA:82:F2:19:D2:77:B3:DF:8C:23:24
ValidityWed, 12 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: bsc-dataseed1.defibit.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 25 Apr 2024 05:40:17 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5298-309e53b67e4c2392.js

76.76.21.22

200 OK

65 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5298-309e53b67e4c2392.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (46912)
Size
65 kB (65100 bytes)
Hash
5b3d0e7658b834ddf95ad288d7a7bf0e
0ce802786dcdaf74961b06a2bf87ac07c92e56c4
cd284958f7187362f3a10d504382b8fef07a1751e8d5042ed6b5f436c7c4d648

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5298-309e53b67e4c2392.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 90361
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5298-309e53b67e4c2392.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"5b3d0e7658b834ddf95ad288d7a7bf0e"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/5298-309e53b67e4c2392.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::xht85-1714023594821-2797d8b66439
X-Firefox-Spdy: h2

api.thegraph.com/subgraphs/name/pancakeswap/pottery

104.18.40.31

200 OK

0 B

URL OPTIONS HTTP/2
api.thegraph.com/subgraphs/name/pancakeswap/pottery
IP
104.18.40.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjectthegraph.com
Fingerprint6B:E2:7C:AD:D8:69:7D:09:92:A6:9D:9D:C2:6D:25:DF:03:57:C5:AC
ValidityFri, 19 Apr 2024 23:12:54 GMT - Thu, 18 Jul 2024 23:12:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /subgraphs/name/pancakeswap/pottery HTTP/1.1
Host: api.thegraph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: text/html; charset=utf-8
cf-ray: 879bfeda9ea5b4f7-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: Content-Type, User-Agent
access-control-allow-methods: GET, OPTIONS, POST
set-cookie: __cf_bm=J66RuXWNcAfiCKZsv_VPmS77h4tcxGODKTV.L8OvFJE-1714023597-1.0.1.1-JUZIvHEn8dgsyfIpX2vvekMVIi0DAw1tljvLbaRwq_9RiuT8RCWXtHFD47Vnm9uz7sj6XG0weTbM3ttwGHBSIg; path=/; expires=Thu, 25-Apr-24 06:09:57 GMT; domain=.thegraph.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=V1.piVLyNyjtL.Jq2.DRuCB.w6Go7KA.O3qwOOh_WrM-1714023597-1.0.1.1-dCjIAqc.L1rtADuYndCkwLFRRGT8OzPG32psQKbP7EIQ66otT27NkOKalmdQGY8EjYfKugNba8rRiL9FXgc3KB1WiPHn.SPY2Amli0pctYrDdtJTzAs9CCnifMBbR5gcpsF1Y.9NvguTeKJayqSMTFDuheBMzIzq0t72DraYj8I"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=V1.piVLyNyjtL.Jq2.DRuCB.w6Go7KA.O3qwOOh_WrM-1714023597-1.0.1.1-dCjIAqc.L1rtADuYndCkwLFRRGT8OzPG32psQKbP7EIQ66otT27NkOKalmdQGY8EjYfKugNba8rRiL9FXgc3KB1WiPHn.SPY2Amli0pctYrDdtJTzAs9CCnifMBbR5gcpsF1Y.9NvguTeKJayqSMTFDuheBMzIzq0t72DraYj8I; report-to cf-csp-endpoint
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

api.thegraph.com/subgraphs/name/pancakeswap/pottery

104.18.40.31

200 OK

136 B

URL POST HTTP/2
api.thegraph.com/subgraphs/name/pancakeswap/pottery
IP
104.18.40.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjectthegraph.com
Fingerprint6B:E2:7C:AD:D8:69:7D:09:92:A6:9D:9D:C2:6D:25:DF:03:57:C5:AC
ValidityFri, 19 Apr 2024 23:12:54 GMT - Thu, 18 Jul 2024 23:12:53 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
136 B (136 bytes)
Hash
191a0dc93a9f2b1512f8360627f02322
652cbc4091f112ce5f10bac4366c84cdb9fa360f
1f843043494a92cb617eadc03b120a636902f12da0d2f6026c3720274830215f

HTTP Headers

POST /subgraphs/name/pancakeswap/pottery HTTP/1.1
Host: api.thegraph.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
content-type: application/json
Content-Length: 287
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: application/json
cf-ray: 879bfedc580cb4f7-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-headers: Content-Type, User-Agent
access-control-allow-methods: GET, OPTIONS, POST
graph-attestable: true
set-cookie: __cf_bm=Ggic1goVdktmR69b6LmyZBZ8Ka.Ull8uhi6iFjlBl70-1714023597-1.0.1.1-WeQRaktwgW8c7KJB.7kAjceSkEZrNnLlF.ZuOoRX1eS4aaPpAx2kYgea4qvO_KTJcATQ.f_A6wilstZB7tBQCQ; path=/; expires=Thu, 25-Apr-24 06:09:57 GMT; domain=.thegraph.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6351-bfd7d6f3a8e94f52.js

76.76.21.22

200 OK

12 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/6351-bfd7d6f3a8e94f52.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (11555)
Size
12 kB (11605 bytes)
Hash
3d5ae80d27e5650c2326d9468fc96424
ef515c92d01c8cb15bb4a7d38d4b29165020aa38
04c63b9373ddc528ff8284c21f76b182d8b84eb484b684c7a41895fd5c0a59ab

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/6351-bfd7d6f3a8e94f52.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 38776
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="6351-bfd7d6f3a8e94f52.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"3d5ae80d27e5650c2326d9468fc96424"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/6351-bfd7d6f3a8e94f52.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::88sjc-1714023594824-be1022fabc82
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7507-da3be5528e111e16.js

76.76.21.22

200 OK

106 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7507-da3be5528e111e16.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (37008)
Size
106 kB (105967 bytes)
Hash
15caabe64e9852ce4f471a8665d81e08
3025ae21fb8fd81f23d489e807aed46b7e2bd2c8
e4cdaf8cf1455b4d86daea20f7f0ef12b7442f7213fed31990a99de311f65c94

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/7507-da3be5528e111e16.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 38768
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="7507-da3be5528e111e16.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"15caabe64e9852ce4f471a8665d81e08"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/7507-da3be5528e111e16.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::nl8ss-1714023594829-fb3aa11580ef
X-Firefox-Spdy: h2

assets.pancakeswap.finance/web/wallets/metamask.png

104.26.3.169

200 OK

5.7 kB

URL GET HTTP/2
assets.pancakeswap.finance/web/wallets/metamask.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 150 x 150, 8-bit colormap, non-interlaced
Size
5.7 kB (5738 bytes)
Hash
94915cd04c09db3b051619b5473e1eba
e2704378fc1d79faa2e3b054299eba38da0c0084
3241b9711fff18a21c24c8331f9c6ed6c79cd2647008818bd68b15ee0291dd26

HTTP Headers

GET /web/wallets/metamask.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 5738
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "42f9ce2617d6202af597e10d33973b34"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEy93jDpadfIWLTDhlhe5VPpZlekjv54%2F3Nx6NE5A%2FsFDFuOTgGekZtaPRUBPh8q47LOf7KJNJJvkLYmGsTLCnaTWZAvMzVHxidL11usLuKp9u201n8Oh%2BbQqiVy9l8qyNuoRydnpIgl9ajCkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 5537
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedacc7e56c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getWalletImage/fbd441cc-e861-46dc-48ae-a04228ddb500?projectId=e542ff314e26ff34de2d4fba98db70bb

104.18.27.46

200 OK

9.7 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getWalletImage/fbd441cc-e861-46dc-48ae-a04228ddb500?projectId=e542ff314e26ff34de2d4fba98db70bb
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.7 kB (9660 bytes)
Hash
2c5be8f0d595a9248edba92d0419c9a7
422f1ca635998f8cdaeec9e7b37e200d0d5842ea
9584c8da5e38495a93fa58ed0efe855fd33a41aa972bcd33ad1d867828964517

HTTP Headers

GET /w3m/v1/getWalletImage/fbd441cc-e861-46dc-48ae-a04228ddb500?projectId=e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: image/webp
content-length: 9660
cf-ray: 879bfee7eaaab4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 41318
cache-control: public, max-age=31536000
etag: "cfFJ943IWAd-AliTnsJ2QbJY_MUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 25 Apr 2025 05:39:59 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=44+0 c=4+28 v=2024.4.0 l=9660
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
set-cookie: __cf_bm=DW8Kkub0IS8ZbBd8s2rUF8tjM.Xng5M.Q0hhqRcUefQ-1714023599-1.0.1.1-fwkTo6_JsHSE67nijR5C7gjLXnD31TU2e9gQs9TweYh0X.hPkxWYCyXrC3UkTQd4aAsS2M99739LjcxbhhXKvA; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4768.d9b1d54b7879d92a.js

76.76.21.22

200 OK

294 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4768.d9b1d54b7879d92a.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type

Size
294 kB (293660 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4768.d9b1d54b7879d92a.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 638873
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4768.d9b1d54b7879d92a.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:56 GMT
etag: W/"17e900bb83eff348221206d7eeea9bab"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/4768.d9b1d54b7879d92a.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::xht85-1714023596441-8d0ff2a2add8
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TLF66T4

142.250.74.168

200 OK

230 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TLF66T4
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (10853)
Size
230 kB (229620 bytes)
Hash
8565af9defd275bd71038553178a9bd3
350d01f24fe8cdaddc1442222949ed89b6db9de9
2bb648c273e6a9356e5a4fc2beb2cfdbd09cc763462591bedcb26029f516b2b8

HTTP Headers

GET /gtm.js?id=GTM-TLF66T4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 05:39:56 GMT
expires: Thu, 25 Apr 2024 05:39:56 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78739
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tokens.pancakeswap.finance/coingecko.json

104.26.2.169

200 OK

942 kB

URL GET HTTP/2
tokens.pancakeswap.finance/coingecko.json
IP
104.26.2.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjecttokens.pancakeswap.finance
Fingerprint16:4E:75:1C:22:7A:65:1F:A3:EE:D9:84:E5:17:6B:94:18:D4:CB:75
ValidityTue, 02 Apr 2024 17:48:58 GMT - Mon, 01 Jul 2024 17:48:57 GMT

File type
JSON text data
Size
942 kB (942304 bytes)
Hash
aa05a12ae6d2fa5ae7532acbbaf9a4bf
07c1b543835686fc85e43bbeec082c6070797a5a
5d08abebf597d956bd30f8ecdf7238a29bba76ed384d0472dbfc735f4df212a4

HTTP Headers

GET /coingecko.json HTTP/1.1
Host: tokens.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:58 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5ae8849290c0437cb497dc6f27b82a8d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XVBU4ayazfha%2BVh5XQxLVz%2BrDKR4HZ3MDgi1ihf42918SRt5HAPjhpmMJCGfIeiVZ3kN4IK40svmy06UlaamMP6IeysYRwes%2Bp5aIfaa2qN0q7VJPJBJckrwIsog0QBniExJTW99EDP7tgQCyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 879bfedfa99c56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5370.6f2ed6a12f926b71.js

76.76.21.22

200 OK

138 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5370.6f2ed6a12f926b71.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type

Size
138 kB (137476 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5370.6f2ed6a12f926b71.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 83941
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5370.6f2ed6a12f926b71.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"97ab784a3e1abdbbc0b6d3af2348572b"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/5370.6f2ed6a12f926b71.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::zjhfd-1714023597991-a94a1b228ae3
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/webpack-d8440d89d291090e.js

76.76.21.22

200 OK

8.6 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/webpack-d8440d89d291090e.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (8968), with no line terminators
Size
8.6 kB (8647 bytes)
Hash
c3f3e2597ca95dc08e08f89f91a68c6c
9b527412005b3f9b734c59b57b996ea1db49b695
d37aa50528eefbd52e9bf553ca17af0694c57b7fe3401888ee1a9d3a51c7a8b7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-d8440d89d291090e.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 638888
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-d8440d89d291090e.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"6954362172b178b32b1d54a12494c54a"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/webpack-d8440d89d291090e.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::8qzx8-1714023594815-b361f0f9fde2
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_buildManifest.js

76.76.21.22

200 OK

16 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/IZLMtatxGM1y1qcj4EcEm/_buildManifest.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
ASCII text, with very long lines (16238), with no line terminators
Size
16 kB (16238 bytes)
Hash
9dab99c08ee63b509f9746c9e439da9e
bac29bc5acb8a284fb276a41104f0a4f2b8ce148
7a3a7af0c7440fac81ce3fe8b5b16ae49a14bac75d91b70a890a93dca0a43b8e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/IZLMtatxGM1y1qcj4EcEm/_buildManifest.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 638887
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"9dab99c08ee63b509f9746c9e439da9e"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/IZLMtatxGM1y1qcj4EcEm/_buildManifest.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::jhb6h-1714023594833-d9a525518d74
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3676.bfc136fe6917fba7.js

76.76.21.22

200 OK

142 B

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3676.bfc136fe6917fba7.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
ASCII text, with no line terminators
Size
142 B (142 bytes)
Hash
24d6a4793454886507bd9328d64a417f
fab42afb4ca6da0409cfabb386b23b917517c4dc
3ebc9a16d6dec44f8ce35537c4a1775180c00fcd1346d2678fe900ddcdbb3a42

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3676.bfc136fe6917fba7.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 139282
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="3676.bfc136fe6917fba7.js"
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:56 GMT
etag: "24d6a4793454886507bd9328d64a417f"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/3676.bfc136fe6917fba7.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::fz7c8-1714023596684-946750ffb288
content-length: 142
X-Firefox-Spdy: h2

assets.pancakeswap.finance/web/wallets/blocto.png

104.26.3.169

200 OK

5.0 kB

URL GET HTTP/2
assets.pancakeswap.finance/web/wallets/blocto.png
IP
104.26.3.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectassets.pancakeswap.finance
Fingerprint62:58:8A:23:51:75:94:A4:7B:AD:60:8B:1A:7B:66:06:34:B6:98:0B
ValidityWed, 27 Mar 2024 10:44:32 GMT - Tue, 25 Jun 2024 10:44:31 GMT

File type
PNG image data, 232 x 232, 8-bit/color RGBA, non-interlaced
Size
5.0 kB (5015 bytes)
Hash
d87c961f741da9f48ee0b84b2d8c5d97
0af6331b85523be30d072fc3d844157c1fe76cac
b06b94134a2e5d91e6809f04b080866fb12d42a875c3fd98ad65ffc6f3e0a0ee

HTTP Headers

GET /web/wallets/blocto.png HTTP/1.1
Host: assets.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: image/png
content-length: 5015
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a9d3ccbc66959bb406ed1966e0f92fcc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPwvz7t2tJqgio%2FIDuu28m4ccNFXXiAn3yYJy6Kc0rrDK2tPYNlL0tXuraHG0UU2nxQ%2FxB1Ev9vinIa%2F%2FWzQzVOkkSrDL72f1y%2FFN%2BRFPJKEx03VnNsgZkOMlcSMCNDGL4mzylPMEF%2B0VG9Tcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 6353
accept-ranges: bytes
server: cloudflare
cf-ray: 879bfedacc8056c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

3.126.230.177

101 Switching Protocols

0 B

URL GET HTTP/1.1
relay.walletconnect.com/?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtycGdSdnZYUVFKRVNiektSR25RY1Y1d01pQVVNTlptVGNYNlZzQ2pZR0JDVyIsInN1YiI6IjkyNWZkN2NkMDE3NTU0MDliMmJkNmFkODZjYTZkNjIxOWFjZGNhNzFjN2NlNGU1MGE3ZTIzMGJiYTQyZGVlODAiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.B0s21aZx3-KrrPbj8G6wKRix4Kh7ZbxN5hgdqYowG9C03a7Rk954DqkHoEhFhXsnDGCu3ZQOdWafs4RDwHFqCQ&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true
IP
3.126.230.177:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectrelay.walletconnect.com
FingerprintA3:38:A5:E6:60:04:20:E0:86:C9:9C:9E:6A:D7:35:A4:D4:04:A2:A5
ValidityMon, 07 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtycGdSdnZYUVFKRVNiektSR25RY1Y1d01pQVVNTlptVGNYNlZzQ2pZR0JDVyIsInN1YiI6IjkyNWZkN2NkMDE3NTU0MDliMmJkNmFkODZjYTZkNjIxOWFjZGNhNzFjN2NlNGU1MGE3ZTIzMGJiYTQyZGVlODAiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.B0s21aZx3-KrrPbj8G6wKRix4Kh7ZbxN5hgdqYowG9C03a7Rk954DqkHoEhFhXsnDGCu3ZQOdWafs4RDwHFqCQ&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true HTTP/1.1
Host: relay.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pITJOZLElMzfgRLIJmAMXA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
connection: upgrade
upgrade: websocket
sec-websocket-accept: GdW9iX19+rrF5RCSA8aIUZ/+j8Q=
date: Thu, 25 Apr 2024 05:39:56 GMT

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5185.17a9876281b49b94.js

76.76.21.22

200 OK

119 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5185.17a9876281b49b94.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
119 kB (119438 bytes)
Hash
1cc2b2fc08b0a0772dcb49c0a2cc406e
02c4c094e825ca5343f5278f024f9ec2010298ce
6c8e7944580e21fe25821fd97a14dee32539407d22db0a6a3c64d39d4c72ae30

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5185.17a9876281b49b94.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 36145
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5185.17a9876281b49b94.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"1cc2b2fc08b0a0772dcb49c0a2cc406e"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/5185.17a9876281b49b94.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::xht85-1714023597782-81ddebc44151
X-Firefox-Spdy: h2

3.126.230.177

101 Switching Protocols

0 B

URL GET HTTP/1.1
relay.walletconnect.com/?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtxQjd2U0tMUWpXczlTemV2N2JuTmR3TEVZWlhBeEdOUVAxa1VLMWd6SnlaNiIsInN1YiI6IjZhYTJhNTgxOWRlOGY0ODdlODU0ZjU3M2ZhMTNjNGRjMTQzZTMzNmM5MDNlZjQ3Mzc1OTRmOGY0MTcyYTRkZWIiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.j7ft8emA0B6664s-pb3JZ6b331sU4gCWsMZJAf5sE1Sny4KGnfb3b3YYR9XuxJq1OUu3ZS-keGnOcwPn95vWCA&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true
IP
3.126.230.177:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectrelay.walletconnect.com
FingerprintA3:38:A5:E6:60:04:20:E0:86:C9:9C:9E:6A:D7:35:A4:D4:04:A2:A5
ValidityMon, 07 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkaWQ6a2V5Ono2TWtxQjd2U0tMUWpXczlTemV2N2JuTmR3TEVZWlhBeEdOUVAxa1VLMWd6SnlaNiIsInN1YiI6IjZhYTJhNTgxOWRlOGY0ODdlODU0ZjU3M2ZhMTNjNGRjMTQzZTMzNmM5MDNlZjQ3Mzc1OTRmOGY0MTcyYTRkZWIiLCJhdWQiOiJ3c3M6Ly9yZWxheS53YWxsZXRjb25uZWN0LmNvbSIsImlhdCI6MTcxNDAyMzU5NywiZXhwIjoxNzE0MTA5OTk3fQ.j7ft8emA0B6664s-pb3JZ6b331sU4gCWsMZJAf5sE1Sny4KGnfb3b3YYR9XuxJq1OUu3ZS-keGnOcwPn95vWCA&projectId=e542ff314e26ff34de2d4fba98db70bb&ua=wc-2%2Fjs-2.8.6%2Flinux-firefox-96.0.0%2Fbrowser%3Apay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app&useOnCloseEvent=true HTTP/1.1
Host: relay.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YBkSwA7Wa2GX7wBCln4rsg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
connection: upgrade
upgrade: websocket
sec-websocket-accept: mqXjzcB1q1r+rs3aC5pf/43BwWo=
date: Thu, 25 Apr 2024 05:39:56 GMT

fonts.googleapis.com/css2?family=Kanit:wght@400;600&display=swap

142.250.74.106

200 OK

2.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Kanit:wght@400;600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (2920), with no line terminators
Size
2.8 kB (2848 bytes)
Hash
8f2106a2bb0a863f9c1b1616f24bcacf
af845c9d338acb827c2f5f1e5c1c86d1ea378fcb
7fd348797a885261baa280e7708052426cea481ee65000ee4936ce7c7c4b6ac5

HTTP Headers

GET /css2?family=Kanit:wght@400;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 05:39:54 GMT
date: Thu, 25 Apr 2024 05:39:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/782.11a99be71c87365b.js

76.76.21.22

200 OK

14 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/782.11a99be71c87365b.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (13606)
Size
14 kB (13655 bytes)
Hash
71fdaa3dcdc98dee1fab697481b187cf
e62a88cd0ed83f49ff45893cf065c62e9000f2f3
e0094c07b564c63ab21863bb5b4166184db600a3192dd1e6b0c3611891184d5d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/782.11a99be71c87365b.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 83942
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="782.11a99be71c87365b.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"71fdaa3dcdc98dee1fab697481b187cf"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/782.11a99be71c87365b.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::5qkgr-1714023597850-cc06a3c26687
X-Firefox-Spdy: h2

m.stripe.com/6

44.240.235.135

200 OK

156 B

URL POST HTTP/2
m.stripe.com/6
IP
44.240.235.135:443
ASN
#16509 AMAZON-02

Requested by
https://m.stripe.network/inner.html#url=https%3A%2F%2Fpay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app%2Framps&title=PancakeSwap&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate
IssuerDigiCert Inc
Subjectm.stripe.com
Fingerprint1F:77:3A:2D:0A:6F:20:07:BB:34:22:BC:B6:D0:39:6D:93:AC:D5:DB
ValidityTue, 16 Apr 2024 00:00:00 GMT - Thu, 18 Jul 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
156 B (156 bytes)
Hash
79eb48578dfdca4fb304480a028c4078
ae9641bf8e89e89a327ef7994b99a38cb53d2a11
7416be6ecb7f74d49dcb96f2a5fb0126a40743f81112ad1ee35a93cecb3cf4f2

HTTP Headers

POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3156
Origin: https://m.stripe.network
DNT: 1
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 05:40:00 GMT
content-length: 156
set-cookie: m=951dd6d9-725d-4dd6-a85b-7a71528606d8854acf;Expires=Sat, 25-Apr-2026 05:40:00 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1714023600867483
x-stripe-server-envoy-upstream-service-time-ms: 2
x-envoy-attempt-count: 1
x-stripe-bg-intended-route-color: green
x-stripe-client-envoy-start-time-us: 1714023600867118
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2

js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

151.101.128.176

200 OK

200 B

URL GET HTTP/2
js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
IP
151.101.128.176:443
ASN
#54113 FASTLY

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with no line terminators
Size
200 B (200 bytes)
Hash
17d1120334cb0cb3cd8a62fc03671010
b40ef341ad651dcdb89d6a510fe324a79e18fc37
b37c9e71ffd7587b59be57d9644c546deae50598348d3f057ef3e971d2d7285c

HTTP Headers

GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 25 Apr 2024 05:39:59 GMT
via: 1.1 varnish
age: 11552414
x-request-id: 8d8103c6-fe60-4dd9-8493-5311b756ef7a
x-served-by: cache-hel1410022-HEL
x-cache: HIT
x-cache-hits: 119014
vary: Accept-Encoding
timing-allow-origin: *
content-length: 154
X-Firefox-Spdy: h2

m.stripe.network/out-4.5.43.js

54.230.111.111

200 OK

89 kB

URL GET HTTP/2
m.stripe.network/out-4.5.43.js
IP
54.230.111.111:443
ASN
#16509 AMAZON-02

Requested by
https://m.stripe.network/inner.html#url=https%3A%2F%2Fpay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app%2Framps&title=PancakeSwap&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate
IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type

Size
89 kB (88751 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /out-4.5.43.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
content-encoding: br
date: Thu, 25 Apr 2024 05:35:59 GMT
cache-control: max-age=300, public
etag: W/"69cb7809b5011312e716f29b3d19dce6"
vary: Accept-Encoding, Origin
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
age: 242
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gQqVnKOFB5vrZRR5MknZaltu1DFUvqzN81WSIO6SBez7LAr8rnW-Kg==
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/framework-9910fad42761648c.js

76.76.21.22

200 OK

141 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/framework-9910fad42761648c.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65200)
Size
141 kB (141128 bytes)
Hash
46b92cd043fe51d3018c33c2faccb623
2e49e403cd93b8bd131b754c8bb2cd95ad527c1f
6a002e3da5cdfbe42873232c822d868fd714564876f69f22a7187b989fa393ba

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/framework-9910fad42761648c.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 638887
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-9910fad42761648c.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"46b92cd043fe51d3018c33c2faccb623"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/framework-9910fad42761648c.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::5qkgr-1714023594821-da0457df9483
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/900-011ae1c0fe9f9296.js

76.76.21.22

200 OK

8.0 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/900-011ae1c0fe9f9296.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (8014), with no line terminators
Size
8.0 kB (7955 bytes)
Hash
cca4b92f68f40a1a4f477d4ebd1e2a2f
42d762815164a81acf8f9ba5233c3cf47a5f6572
88a2af421a2d9d5c6e309f0ef39e90aed4ef3b53a70c417cf961c782a1da914d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/900-011ae1c0fe9f9296.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 638873
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="900-011ae1c0fe9f9296.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:56 GMT
etag: W/"e75f525b1cebd7a66b61d6c6c82fdd83"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/900-011ae1c0fe9f9296.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::nl8ss-1714023596440-74d9717babd5
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/_app-d21bca908dc69ade.js

76.76.21.22

200 OK

3.1 MB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/pages/_app-d21bca908dc69ade.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type

Size
3.1 MB (3091989 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_app-d21bca908dc69ade.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 638887
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-d21bca908dc69ade.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"5ccb3933ed0f6943f5fc3accdd668805"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/pages/_app-d21bca908dc69ade.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::xht85-1714023594820-d12f5b37a660
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/logo.png

76.76.21.22

200 OK

23 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/logo.png
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced
Size
23 kB (22919 bytes)
Hash
64b883944b59c73896ec40af9f94aab3
e0dfeea62f1ba1942c99d1e6cf14c2decb023d08
39c08d280e7f4636908c7648d8c779fa7b01a90ba04d869a94e461d4637de199

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /logo.png HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 634591
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="logo.png"
content-type: image/png
date: Thu, 25 Apr 2024 05:39:55 GMT
etag: "64b883944b59c73896ec40af9f94aab3"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /logo.png
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::nl8ss-1714023595837-591ba895756b
content-length: 22919
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5569.1a233de1fa5a4a3f.js

76.76.21.22

200 OK

474 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/5569.1a233de1fa5a4a3f.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type

Size
474 kB (474242 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5569.1a233de1fa5a4a3f.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 139282
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5569.1a233de1fa5a4a3f.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:56 GMT
etag: W/"2387c017008ccf08111d6a96213c431d"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/5569.1a233de1fa5a4a3f.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::xht85-1714023596679-1c5f4e8944de
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8940-2680582ce3921897.js

76.76.21.22

200 OK

12 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8940-2680582ce3921897.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (11903)
Size
12 kB (11953 bytes)
Hash
4af0d04550602a4e4023aae8ef321f77
78e4304151cad34afe52345efeb22cdb312c879c
1669b1d79728b734d369c85406cfa634f6455c3487057db9c9a95d47335693aa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8940-2680582ce3921897.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 90362
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8940-2680582ce3921897.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"4af0d04550602a4e4023aae8ef321f77"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/8940-2680582ce3921897.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::xht85-1714023597814-dcc4b60653e4
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps

76.76.21.22

200 OK

7.0 kB

URL User Request GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7287), with no line terminators
Size
7.0 kB (7019 bytes)
Hash
3696bba08d2b56e1a7dc21d385e265c9
bc17d679ff4ba34a161ef32955fa1218d3b1ab4a
0cc34024b7fce9d541210666706e615970335fdb0982ff6128595646378eb305

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ramps HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 39243
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ramps"
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"e9d2508226fa12df04da4baaefbf3c3c"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /ramps
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::m7f24-1714023594529-a26f30ae19c2
X-Firefox-Spdy: h2

verify.walletconnect.com/e542ff314e26ff34de2d4fba98db70bb

52.57.86.163

200 OK

0 B

URL GET HTTP/2
verify.walletconnect.com/e542ff314e26ff34de2d4fba98db70bb
IP
52.57.86.163:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerAmazon
Subjectverify.walletconnect.com
FingerprintAF:A5:B3:2A:56:4F:A2:53:AF:7F:63:AD:1B:CA:9C:F3:24:76:E3:42
ValidityMon, 05 Feb 2024 00:00:00 GMT - Wed, 05 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: verify.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:57 GMT
content-type: text/html; charset=utf-8
content-length: 190
content-security-policy: frame-ancestors https://*.pancakeswap.finance https://pancakeswap.finance
x-csrf-token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE3MTQwMjcxOTd9.QsTQBeTAl0eTt85Pw-UFZKVxOmIff21Nf8QFF4FCrZw
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8940-2680582ce3921897.js

76.76.21.22

200 OK

12 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8940-2680582ce3921897.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (11903)
Size
12 kB (11953 bytes)
Hash
4af0d04550602a4e4023aae8ef321f77
78e4304151cad34afe52345efeb22cdb312c879c
1669b1d79728b734d369c85406cfa634f6455c3487057db9c9a95d47335693aa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8940-2680582ce3921897.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 90362
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8940-2680582ce3921897.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"4af0d04550602a4e4023aae8ef321f77"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/8940-2680582ce3921897.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::xht85-1714023597817-e175a3f8d612
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/css/8ab97594b6c016e8.css

76.76.21.22

200 OK

1.5 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/css/8ab97594b6c016e8.css
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
ASCII text, with very long lines (1460), with no line terminators
Size
1.5 kB (1459 bytes)
Hash
19ebf48c6941de89e944b419de9f69c0
1b5ae64edc5c8816bfb710884a2a5cca01bb709b
99821de931eb52e74868ab47007e1283af568141c0e9b67fb902b3c32048d951

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/8ab97594b6c016e8.css HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 90355
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8ab97594b6c016e8.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"2afb49d6892e65c4154a498a99f55985"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/css/8ab97594b6c016e8.css
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::nl8ss-1714023594816-e914c8f9d6e8
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4568.796287f6c5d648ca.js

76.76.21.22

200 OK

96 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4568.796287f6c5d648ca.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
96 kB (95672 bytes)
Hash
64d5b55a7f111087b544cf4b0184342e
35b50a5dc5480a08260d268b607863b4bfed23c8
ca53a6b9c69209f3131643e0f774fd9a98553247d75c104043aa6c318b083843

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4568.796287f6c5d648ca.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 90362
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4568.796287f6c5d648ca.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"64d5b55a7f111087b544cf4b0184342e"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/4568.796287f6c5d648ca.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::xht85-1714023597991-91c577fe8b70
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/css/8ab97594b6c016e8.css

76.76.21.22

200 OK

1.5 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/css/8ab97594b6c016e8.css
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
ASCII text, with very long lines (1460), with no line terminators
Size
1.5 kB (1459 bytes)
Hash
19ebf48c6941de89e944b419de9f69c0
1b5ae64edc5c8816bfb710884a2a5cca01bb709b
99821de931eb52e74868ab47007e1283af568141c0e9b67fb902b3c32048d951

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/8ab97594b6c016e8.css HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Cookie: _ga_334KNG3DMQ=GS1.1.1714023598.1.0.1714023598.60.0.0; _ga=GA1.1.373164024.1714023598
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 90358
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8ab97594b6c016e8.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Thu, 25 Apr 2024 05:39:58 GMT
etag: W/"2afb49d6892e65c4154a498a99f55985"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/css/8ab97594b6c016e8.css
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::bn2bj-1714023598439-7655542eaf72
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/2892.b79a9cb802c91f90.js

76.76.21.22

200 OK

1.1 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/2892.b79a9cb802c91f90.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1153), with no line terminators
Size
1.1 kB (1128 bytes)
Hash
08b5d0123ca5a71e88799fe3bac7318d
7cefe7e92584e803bca1fc694e1a1783dc6e7b0c
2ccec688040b5ac85db3dbf5c90ba35bcfa4c1bf5e2fcbe689412e1edac9ad93

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2892.b79a9cb802c91f90.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 139279
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="2892.b79a9cb802c91f90.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"7edeb49623cf722b6cd8833bdff0620c"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/2892.b79a9cb802c91f90.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::7dx48-1714023597068-78f282379253
X-Firefox-Spdy: h2

www.walletlink.org/rpc

104.18.37.8

101 Switching Protocols

0 B

URL GET HTTP/1.1
www.walletlink.org/rpc
IP
104.18.37.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerCloudflare, Inc.
Subjectwalletlink.org
FingerprintB8:73:73:A6:43:5F:26:A6:7B:B4:63:F2:19:C1:AE:68:20:D1:2A:EE
ValiditySun, 10 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rpc HTTP/1.1
Host: www.walletlink.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Yelb2kt2bfwX+lFRdJ3g+g==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Thu, 25 Apr 2024 05:39:58 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1tx1MZb2hBBDUsHgPREFN0cZG3s=
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=rXuHQmfSo5AQlBgtRwouIpqA_eU7rTU4017l5LAHoPs-1714023598-1.0.1.1-pR5.EOZOlXtLMR3QG7CSev_52ViZhXtVjriUMSmit4miH4z7yKovivzmtcE2kubkUZVKa5NK6wfQn89LTKG4Ow; path=/; expires=Thu, 25-Apr-24 06:09:58 GMT; domain=.walletlink.org; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 879bfedddeda7131-OSL

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/favicon.ico

76.76.21.22

200 OK

19 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/favicon.ico
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
MS Windows icon resource - 6 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Size
19 kB (18838 bytes)
Hash
fca50d530ea4525965eb6e11edde9601
9a975c80755a5deca6a0635e580c6dd5b57596a4
e11b366176c2f300801c5229aae56ebc008ccb5ccfd217c0aae0ebe4ae009f02

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 624974
cache-control: public, immutable, max-age=31536000
content-disposition: inline; filename="favicon.ico"
content-encoding: br
content-type: image/vnd.microsoft.icon
date: Thu, 25 Apr 2024 05:39:55 GMT
etag: W/"fca50d530ea4525965eb6e11edde9601"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /favicon.ico
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::m7f24-1714023595837-e2a1f7185747
X-Firefox-Spdy: h2

tokens.pancakeswap.finance/pancakeswap-bnb-mm.json

104.26.2.169

200 OK

2.6 kB

URL GET HTTP/2
tokens.pancakeswap.finance/pancakeswap-bnb-mm.json
IP
104.26.2.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjecttokens.pancakeswap.finance
Fingerprint16:4E:75:1C:22:7A:65:1F:A3:EE:D9:84:E5:17:6B:94:18:D4:CB:75
ValidityTue, 02 Apr 2024 17:48:58 GMT - Mon, 01 Jul 2024 17:48:57 GMT

File type
ASCII text, with very long lines (2826), with no line terminators
Size
2.6 kB (2556 bytes)
Hash
2fbf6d360c108b0878de1ad59870325f
4b4d03ad4727cd19ff23072c541bfc1b22bdd122
d4c4ca6a56be0f07e367bd39d0446bf879bf428f8e24cfee17ab54cb45c50410

HTTP Headers

GET /pancakeswap-bnb-mm.json HTTP/1.1
Host: tokens.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:58 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"faf77b0d59ffb744af6dfc91e89864da"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHMh6OstRicottEv8a9zP1e%2Bc1dVI6Ywfh%2BLWRAaJX1A9uaOUH8hzxm1KcLzaS1YWg7gjOpfltQt8hApM8clSjWAc8Pzv%2FA8%2Fz%2F0N4bI9H8FqyfatHCLFz07ABjAx4a7vvK%2F1%2FhJrcFEC1HePA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 879bfedfa99a56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/9332-3a8484ec85c99144.js

76.76.21.22

200 OK

28 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/9332-3a8484ec85c99144.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type

Size
28 kB (28005 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/9332-3a8484ec85c99144.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 38772
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="9332-3a8484ec85c99144.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"02d58746fb67f11748f89eaf8ba33421"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/9332-3a8484ec85c99144.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::jdvzm-1714023594828-8548ad7f98f7
X-Firefox-Spdy: h2

tokens.pancakeswap.finance/coingecko.json

104.26.2.169

200 OK

942 kB

URL GET HTTP/2
tokens.pancakeswap.finance/coingecko.json
IP
104.26.2.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subjecttokens.pancakeswap.finance
Fingerprint16:4E:75:1C:22:7A:65:1F:A3:EE:D9:84:E5:17:6B:94:18:D4:CB:75
ValidityTue, 02 Apr 2024 17:48:58 GMT - Mon, 01 Jul 2024 17:48:57 GMT

File type
JSON text data
Size
942 kB (942304 bytes)
Hash
aa05a12ae6d2fa5ae7532acbbaf9a4bf
07c1b543835686fc85e43bbeec082c6070797a5a
5d08abebf597d956bd30f8ecdf7238a29bba76ed384d0472dbfc735f4df212a4

HTTP Headers

GET /coingecko.json HTTP/1.1
Host: tokens.pancakeswap.finance
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
Origin: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:58 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5ae8849290c0437cb497dc6f27b82a8d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rqXvIsZJeA4NIN5luUdtHlVlHvZJoYMxzYamrO1fVxi48GWJBQVMYyxrYrb9Wzj6oXV76CVlLX8xmw8GdFtEq0%2BLeXpj%2FRXpYsfGHarf1C2wAdUnT9%2FmIE8Mq9O4m%2BIEB%2BFNKce6e%2BEL%2B9OMAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 879bfedf998e56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

m.stripe.network/inner.html

54.230.111.111

200 OK

930 B

URL GET HTTP/2
m.stripe.network/inner.html
IP
54.230.111.111:443
ASN
#16509 AMAZON-02

Requested by
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fpay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app%2Framps&title=PancakeSwap&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate
IssuerDigiCert Inc
Subjecta.stripecdn.com
Fingerprint0C:7B:EC:2B:0B:A8:81:87:0C:D3:D8:55:B6:26:0F:CB:FA:28:ED:F8
ValidityWed, 27 Mar 2024 00:00:00 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (950), with no line terminators
Size
930 B (930 bytes)
Hash
f965fbd577896cec85e53f8723dd00c1
8f1efde6d3060695e8c4b15570dcc602d5217836
8203a3820f68e42441db1690aee0059757efb30a2862add5dd250f106f1a08e2

HTTP Headers

GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
accept-ranges: bytes
server: Cloudfront
date: Thu, 25 Apr 2024 05:36:34 GMT
cache-control: max-age=300, public
etag: "06bfcd88af438673a8bf9b845a11aa6e"
vary: Accept-Encoding, Origin
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
age: 207
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bwHvPCVyDPlF-9dQvBkVCo5aKL9afZfWDnCkKiscXxt7pwq-wDxD2w==
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8394-2b149c4bb6108264.js

76.76.21.22

200 OK

44 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/8394-2b149c4bb6108264.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (44056)
Size
44 kB (44106 bytes)
Hash
ca02cb21718db3ab448c7d8204be089e
1e3060cccd6eb155b6f35cdc6d1c33bf7dca49ba
530475dd121227c652eb45b2241e84f8c01b5c5d8937762d304e7b71b43b442d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8394-2b149c4bb6108264.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 139280
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8394-2b149c4bb6108264.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"ca02cb21718db3ab448c7d8204be089e"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/8394-2b149c4bb6108264.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::4x5bs-1714023594820-d4fcb62fde6b
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4568.796287f6c5d648ca.js

76.76.21.22

200 OK

96 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4568.796287f6c5d648ca.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
96 kB (95672 bytes)
Hash
64d5b55a7f111087b544cf4b0184342e
35b50a5dc5480a08260d268b607863b4bfed23c8
ca53a6b9c69209f3131643e0f774fd9a98553247d75c104043aa6c318b083843

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4568.796287f6c5d648ca.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/quote-worker.1ac00aeec6a8b8d4.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 90362
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4568.796287f6c5d648ca.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:57 GMT
etag: W/"64d5b55a7f111087b544cf4b0184342e"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/4568.796287f6c5d648ca.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::4x5bs-1714023597991-5f5ca5dc35ef
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4861-3efb5f77e6bf6644.js

76.76.21.22

200 OK

14 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/4861-3efb5f77e6bf6644.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (14258)
Size
14 kB (14308 bytes)
Hash
2e5f13e529de38f4c7a898034d048c61
de7104d674d9ae064d85726165f7b8eb14ed28b1
64cee8b66ce8ba35aefd2b129fd35cb40711119d777a296802ffcfff6e6e68cb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4861-3efb5f77e6bf6644.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 90355
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4861-3efb5f77e6bf6644.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"2e5f13e529de38f4c7a898034d048c61"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/4861-3efb5f77e6bf6644.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::jdvzm-1714023594824-f33c4d290333
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7444-360c3f79697d7d4b.js

76.76.21.22

200 OK

2.5 kB

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/7444-360c3f79697d7d4b.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
ASCII text, with very long lines (2587), with no line terminators
Size
2.5 kB (2517 bytes)
Hash
4de8a53fb41ebd759027d91f2ec64781
3299bcc68e0d15a9685ff8ac6d49a484fa15611c
6ede75d2417932635664704622abb242b024e5a7f5bf177ab3b3cb4f4f7c2df0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/7444-360c3f79697d7d4b.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 90355
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="7444-360c3f79697d7d4b.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:54 GMT
etag: W/"cf3d137988a48807f06a3e8663fb24c4"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/7444-360c3f79697d7d4b.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::kkmdf-1714023594824-47db18dafbe6
X-Firefox-Spdy: h2

pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3804.5c782b135a9ecacd.js

76.76.21.22

200 OK

86 B

URL GET HTTP/2
pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/_next/static/chunks/3804.5c782b135a9ecacd.js
IP
76.76.21.22:443
ASN
#16509 AMAZON-02

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
ASCII text, with no line terminators
Size
86 B (86 bytes)
Hash
51248ca3a7069f90dac31e324b5d577e
e8b0cf2d6212a3e931fab48c0d669b6fdca6c11a
ea6d7b09d0b72b833bd863e5a50eeca94556472bc275e70297b3f4cd22304b1c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3804.5c782b135a9ecacd.js HTTP/1.1
Host: pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 139293
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="3804.5c782b135a9ecacd.js"
content-type: application/javascript; charset=utf-8
date: Thu, 25 Apr 2024 05:39:56 GMT
etag: "51248ca3a7069f90dac31e324b5d577e"
referrer-policy: strict-origin-when-cross-origin
server: Vercel
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-matched-path: /_next/static/chunks/3804.5c782b135a9ecacd.js
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: arn1::zjhfd-1714023596442-af7a7e83fd07
content-length: 86
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getWalletImage/4725dda0-4471-4d0f-7adf-6bbe8b929c00?projectId=e542ff314e26ff34de2d4fba98db70bb

104.18.27.46

200 OK

3.8 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getWalletImage/4725dda0-4471-4d0f-7adf-6bbe8b929c00?projectId=e542ff314e26ff34de2d4fba98db70bb
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
3.8 kB (3798 bytes)
Hash
da70910749e573bddd422e3be5867a44
da34c9ed83957d53bc31a9b59fd320ce02288a3f
bfbc9631cd59d2c9b3d7472e49a53ff4e9680ab19c92b8af870d4a068a2a0a71

HTTP Headers

GET /w3m/v1/getWalletImage/4725dda0-4471-4d0f-7adf-6bbe8b929c00?projectId=e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: image/webp
content-length: 3798
cf-ray: 879bfee7fabdb4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 41317
cache-control: public, max-age=31536000
etag: "cfVY6bvtQgA-Z381nmE5duLVCtUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 25 Apr 2025 05:39:59 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=287+0 c=10+31 v=2024.3.2 l=3798
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
set-cookie: __cf_bm=SCqG_PGHOpVqpIjr5V8gm8v6rvw4OCmQfYoUxnqWt8E-1714023599-1.0.1.1-8fyUcMeANCZxiQKHXWVjZFSj21Cjqy2KMZuPpZFuIb052n625LR5E9MdH4KAnjU9xznt9ApivC605eq6iWJPdQ; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

explorer-api.walletconnect.com/w3m/v1/getWalletImage/b6ee4efc-f53e-475b-927b-a7ded6211700?projectId=e542ff314e26ff34de2d4fba98db70bb

104.18.27.46

200 OK

9.2 kB

URL GET HTTP/2
explorer-api.walletconnect.com/w3m/v1/getWalletImage/b6ee4efc-f53e-475b-927b-a7ded6211700?projectId=e542ff314e26ff34de2d4fba98db70bb
IP
104.18.27.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/ramps
Certificate
IssuerGoogle Trust Services LLC
Subjectwalletconnect.com
FingerprintED:B4:3C:64:2E:D4:9E:75:2A:0F:E4:F1:85:B7:CD:B6:A8:91:DE:37
ValidityTue, 27 Feb 2024 02:22:47 GMT - Mon, 27 May 2024 02:22:46 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.2 kB (9194 bytes)
Hash
835880c74b2b75b4b6f5f0af0115438c
3cbb7c955c08ccbd8e4e0a2031bf8daa0754aafb
8c8d2bda4f39810c8650a74cece803ff55b40bd234f9ca35068b6155e0bc7555

HTTP Headers

GET /w3m/v1/getWalletImage/b6ee4efc-f53e-475b-927b-a7ded6211700?projectId=e542ff314e26ff34de2d4fba98db70bb HTTP/1.1
Host: explorer-api.walletconnect.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pay8-2v-9jkc4ukd3-ekontetevi-gmailcom.vercel.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:39:59 GMT
content-type: image/webp
content-length: 9194
cf-ray: 879bfee7eaa0b4f1-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 41318
cache-control: public, max-age=31536000
etag: "cf9TnuhjIqeWjX901zZxsJee5JUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 25 Apr 2025 05:39:59 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=23+0 c=5+25 v=2024.3.2 l=9194
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
set-cookie: __cf_bm=_gL9aPM0mV2JJiSSGho04Zxmdorme08iUDupu3IFbF0-1714023599-1.0.1.1-feIo52eTd91Or_Ep9ovtMIOolh7NvQQkUc3_N25.1uarIA7clZrPEUmUO2gwU97kx9prZXYmW50toQ3.Ehn43w; path=/; expires=Thu, 25-Apr-24 06:09:59 GMT; domain=.walletconnect.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (53)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL