{"report_id":"1d4ce709-5911-4767-925f-d37ccff61428","version":0,"status":"done","tags":["crypto","phishing"],"date":"2026-06-25T01:05:59Z","url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":0,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"title":"Wallet Registry","dom":{"size":115519,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (11713)","md5":"f01acbf0ea31e7fb3a136bf54f7ab939","sha1":"a9dcd1a3004194f89620a580c6c6612fbc50858f","sha256":"26471a07b28d224eb87fbc3da8498d5c1ebc85029dbf25f944d58c1919e8f1e9","sha512":"1819036b6226320b1d36a4a6dff2716c5503e578eda61399c2d28d11401810c2a7c21fed225d6c3d9f800829774f1fcb77a0689cc84019b8a4f1a707f65b32fa","ssdeep":"768:p8tJY/qmjLIFioupyzgK/LXJ07ouTgvNrLMEG+qWVwKUFejZVOESBeoGMWugtIS7:p8tJOIwf6p8PQGyhRjX","tlshash":"61b3ff6565f6923301b3f3d8676257ddb9a5f2038e2a4991fbec0bd19f93c968d23008","dom_hash":"domhasha189109603e2ab71a54cb02affba2eb8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":0,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-30T01:05:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]},"summary":[{"fqdn":"www.google.com","ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-06-21T22:45:06.213681Z","alert_count":0,"request_count":51,"received_data":22801,"sent_data":28808,"comment":"","tags":null,"fingerprints":null},{"fqdn":"walletsync.one","ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"domain_registered":"2026-04-23","domain_rank":0,"first_seen":"2026-06-25T00:57:10.014705Z","last_seen":"2026-06-25T00:57:10.014705Z","alert_count":199,"request_count":119,"received_data":2979777,"sent_data":70052,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"t2.gstatic.com","ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2013-05-07T00:09:56Z","last_seen":"2026-06-19T03:17:37.864337Z","alert_count":0,"request_count":13,"received_data":38075,"sent_data":7690,"comment":"","tags":null,"fingerprints":null},{"fqdn":"t0.gstatic.com","ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2013-05-06T20:22:05Z","last_seen":"2026-06-20T10:09:49.007856Z","alert_count":0,"request_count":13,"received_data":39806,"sent_data":7688,"comment":"","tags":null,"fingerprints":null},{"fqdn":"t1.gstatic.com","ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2013-05-06T22:57:20Z","last_seen":"2026-06-18T13:20:33.206951Z","alert_count":0,"request_count":16,"received_data":43371,"sent_data":9462,"comment":"","tags":null,"fingerprints":null},{"fqdn":"t3.gstatic.com","ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2013-05-06T20:15:36Z","last_seen":"2026-06-19T15:06:44.338592Z","alert_count":0,"request_count":9,"received_data":13796,"sent_data":5345,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"58636445b08b378ade20b3a8fa74865c","sha1":"1ac53ea897fbddb3a5f94e80832faa830b31b910","sha256":"c793a807276483dffbaf8725aaa4149b5afb60fbffd735c38db9ded73b3bcec3","sha512":"d470547037ad229acf63712ca919a6e5ca34ccee6e51eef73c8a3abc23791407654c91fbb863af20bda01e6b9bac6c080b25761752f0e658746bbee43e7dc52a","ssdeep":"384:C09PjpU1JF9i8HkoFTxpwjNhZ7JqYBpR/diiHZxs5jwkDcGhRll:C8PjO/G8H3FtpwjNhJJFBpR/GwkDcGhJ","tlshash":"d892401ca2bb16215073737d6bab61e83138b5433281d978bf9cc6d10fa946c99b379c","size":20343,"data":"","first_seen":"2026-06-25T01:06:10.40537Z","last_seen":"2026-06-25T01:06:10.40537Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"81b416abbbaf5d0b7423f1bd05605785","sha1":"e91f1b4b56bf676ec2e489c8ee40b82b858c8159","sha256":"0890e66304fc7c8656d1f7cc5e541e23c0a280681fc291738ea46febcf3ea80a","sha512":"99276339a2844d7552aa83688d9f26258b3374693a6c1b71d32c57f11e8fc28b8d78e175c50240e1c872f6239572c9d64db24a0229d8e04221de1b1b8c9e650f","ssdeep":"192:AIm+iQCr2cFcvI6B5l8rxjRl5by9Oh+Zbf9I:fWGQ6IxjT5y52","tlshash":"50d11d8976f3366442ab713c8fcf928d707084576508ce117e1c9a84bf1ae29c6b7bd9","size":6362,"data":"","first_seen":"2026-06-25T01:06:10.406471Z","last_seen":"2026-06-25T01:06:10.406471Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"602efa00c1e215ce1ba5a4052200996b","sha1":"54fe096c7464c0cbf54e46f354fe098b1e3f5697","sha256":"ed0b27fd18d72da68e5d2de47ace76678b56187c43b81399734e90f474dcbc68","sha512":"888c6de31a2ea6b6d698584a4ad2bc7be9c2bb9fae643fa16f63d32e059a264a90c43ca84d1a15981b438280b739ebd252d19923dea53bcd7debc8a3a0044540","ssdeep":"","tlshash":"6b21967e81b363372da722a99e9b15d67df82463010bcd213a9ce5a36f4d9280ef5700","size":1242,"data":"","first_seen":"2026-06-25T01:06:10.407463Z","last_seen":"2026-06-25T01:06:10.407463Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"58636445b08b378ade20b3a8fa74865c","sha1":"1ac53ea897fbddb3a5f94e80832faa830b31b910","sha256":"c793a807276483dffbaf8725aaa4149b5afb60fbffd735c38db9ded73b3bcec3","sha512":"d470547037ad229acf63712ca919a6e5ca34ccee6e51eef73c8a3abc23791407654c91fbb863af20bda01e6b9bac6c080b25761752f0e658746bbee43e7dc52a","ssdeep":"384:C09PjpU1JF9i8HkoFTxpwjNhZ7JqYBpR/diiHZxs5jwkDcGhRll:C8PjO/G8H3FtpwjNhJJFBpR/GwkDcGhJ","tlshash":"d892401ca2bb16215073737d6bab61e83138b5433281d978bf9cc6d10fa946c99b379c","size":20343,"data":"","first_seen":"2026-06-25T01:06:10.40537Z","last_seen":"2026-06-25T01:06:10.40537Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"81b416abbbaf5d0b7423f1bd05605785","sha1":"e91f1b4b56bf676ec2e489c8ee40b82b858c8159","sha256":"0890e66304fc7c8656d1f7cc5e541e23c0a280681fc291738ea46febcf3ea80a","sha512":"99276339a2844d7552aa83688d9f26258b3374693a6c1b71d32c57f11e8fc28b8d78e175c50240e1c872f6239572c9d64db24a0229d8e04221de1b1b8c9e650f","ssdeep":"192:AIm+iQCr2cFcvI6B5l8rxjRl5by9Oh+Zbf9I:fWGQ6IxjT5y52","tlshash":"50d11d8976f3366442ab713c8fcf928d707084576508ce117e1c9a84bf1ae29c6b7bd9","size":6362,"data":"","first_seen":"2026-06-25T01:06:10.406471Z","last_seen":"2026-06-25T01:06:10.406471Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"602efa00c1e215ce1ba5a4052200996b","sha1":"54fe096c7464c0cbf54e46f354fe098b1e3f5697","sha256":"ed0b27fd18d72da68e5d2de47ace76678b56187c43b81399734e90f474dcbc68","sha512":"888c6de31a2ea6b6d698584a4ad2bc7be9c2bb9fae643fa16f63d32e059a264a90c43ca84d1a15981b438280b739ebd252d19923dea53bcd7debc8a3a0044540","ssdeep":"","tlshash":"6b21967e81b363372da722a99e9b15d67df82463010bcd213a9ce5a36f4d9280ef5700","size":1242,"data":"","first_seen":"2026-06-25T01:06:10.407463Z","last_seen":"2026-06-25T01:06:10.407463Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/js/jquery.min.js","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8e7cabd4d49dfaf0146678ee147dfc5","sha1":"b19b077cdc2cf89c66a644f0305ef4959f8472bc","sha256":"39a546ea9ad97f8bfaf5d3e0e8f8556adb415e470e59007ada9759dce472adaa","sha512":"f0b10d35b5e6cc8fc66e3f8ec179aa47a57841a500c34fe9a2b3f3cb5f9d42826a0b424f1de756a1ed030ce4cbdae1c0e575c9c88b0fb623071fcea95656b2e8","ssdeep":"1536:QmGY6OI1mwxklLhClYsosYKq8s1PS0dakYBF0fIZ5+ONtQCcq6RXu:Hgm1ClYsosU88PDf4wyN6RXu","tlshash":"d87309ddb2c6b06247a760b9407f950bf236194d384d8910f229e4e9bc74a4e827bf7d","size":78748,"data":"","first_seen":"2026-01-22T11:09:04.33239Z","last_seen":"2026-06-30T06:57:04.677346Z","times_seen":3688,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/js/ethers.umd.min.js","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"556e49c10fd81a990b6281dcdc87bcd9","sha1":"4e5c00395339a8f4fdfa2ed3eb37a0dc00a7909b","sha256":"9a85a5aa81305f85e6546452fd2093a8a68932bed3cec4f6491e4d031a90bc95","sha512":"7e2dcc5cbe076d1c2d18053dda25b46c21f667367c1b28d13a2b489c507dbf8500a9f083328f1e54d417647ea8ff79cba9b7a97c9a1e5e35043cae9aba9861b6","ssdeep":"12288:2u8zZJf+vZGJzPfQAqa24VcpPfC1WgplCvPPko2Nz7jTO:2u8z7f+vZGJzPfQAqa2T4FAs1Nz7fO","tlshash":"dbb44cd132e3647287c618e52c650902f238f952705d44ecf66cdde26eabd8994bbf38","size":522095,"data":"","first_seen":"2025-12-21T04:14:54.672175Z","last_seen":"2026-06-29T14:49:31.640409Z","times_seen":333,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/js/bootstrap.bundle.min.js","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5cc1b73e70520fa84b1846afe0ec8fb6","sha1":"69f688858b7149c561c4a1fbc496e9e66b3df2fe","sha256":"e4fd49181388c48ec5040bd3fe66f57c29c8e67fcd8502b3354b96ec7ab47cc7","sha512":"1ef3a326b7703690db9062481b664da83955a8ca3beea6ece0c7b871a8741e80eb7e1adb03ef12065667d4aaef010c3b7082cb3c526f770220a61cd098c9be3f","ssdeep":"1536:oH5mi07eR2tgYR6ifTGqghZxBMzFhhX1fhKCywwPesX5L08g:yNwhh+CywwWsXZg","tlshash":"7673d6593245b4730ade85a68037430bf2265898b64b812cb57cadde2a7dcc27277f78","size":80496,"data":"","first_seen":"2025-09-04T15:51:36.009011Z","last_seen":"2026-06-30T02:49:26.338611Z","times_seen":3090,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"58636445b08b378ade20b3a8fa74865c","sha1":"1ac53ea897fbddb3a5f94e80832faa830b31b910","sha256":"c793a807276483dffbaf8725aaa4149b5afb60fbffd735c38db9ded73b3bcec3","sha512":"d470547037ad229acf63712ca919a6e5ca34ccee6e51eef73c8a3abc23791407654c91fbb863af20bda01e6b9bac6c080b25761752f0e658746bbee43e7dc52a","ssdeep":"384:C09PjpU1JF9i8HkoFTxpwjNhZ7JqYBpR/diiHZxs5jwkDcGhRll:C8PjO/G8H3FtpwjNhJJFBpR/GwkDcGhJ","tlshash":"d892401ca2bb16215073737d6bab61e83138b5433281d978bf9cc6d10fa946c99b379c","size":20343,"data":"","first_seen":"2026-06-25T01:06:10.40537Z","last_seen":"2026-06-25T01:06:10.40537Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"81b416abbbaf5d0b7423f1bd05605785","sha1":"e91f1b4b56bf676ec2e489c8ee40b82b858c8159","sha256":"0890e66304fc7c8656d1f7cc5e541e23c0a280681fc291738ea46febcf3ea80a","sha512":"99276339a2844d7552aa83688d9f26258b3374693a6c1b71d32c57f11e8fc28b8d78e175c50240e1c872f6239572c9d64db24a0229d8e04221de1b1b8c9e650f","ssdeep":"192:AIm+iQCr2cFcvI6B5l8rxjRl5by9Oh+Zbf9I:fWGQ6IxjT5y52","tlshash":"50d11d8976f3366442ab713c8fcf928d707084576508ce117e1c9a84bf1ae29c6b7bd9","size":6362,"data":"","first_seen":"2026-06-25T01:06:10.406471Z","last_seen":"2026-06-25T01:06:10.406471Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"602efa00c1e215ce1ba5a4052200996b","sha1":"54fe096c7464c0cbf54e46f354fe098b1e3f5697","sha256":"ed0b27fd18d72da68e5d2de47ace76678b56187c43b81399734e90f474dcbc68","sha512":"888c6de31a2ea6b6d698584a4ad2bc7be9c2bb9fae643fa16f63d32e059a264a90c43ca84d1a15981b438280b739ebd252d19923dea53bcd7debc8a3a0044540","ssdeep":"","tlshash":"6b21967e81b363372da722a99e9b15d67df82463010bcd213a9ce5a36f4d9280ef5700","size":1242,"data":"","first_seen":"2026-06-25T01:06:10.407463Z","last_seen":"2026-06-25T01:06:10.407463Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=dcentwallet.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.328Z","timestamp":1782349535328,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=dcentwallet.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://dcentwallet.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 336\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/ledger.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.732Z","timestamp":1782349533732,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/ledger.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 838\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\netag: \"67becf1d-346\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":838,"size_decoded":1178,"mime_type":"image/png","magic":"PNG image data, 225 x 225, 8-bit colormap, non-interlaced","md5":"11a6c994cf6c09c855e586acaa5a313c","sha1":"26d07d812df1d11d9001c58cd561c45b5124ba93","sha256":"cd811d776d480010b78e206a18509e10c2bd7c1676a5f9eba6fd355d68c0666e","sha512":"108d13934de17d3d2737207fe2bf2d571363f23f4caea666e9d15b8960ea4cf87688527588eabfa9a62a3789ff47859d8b47549af1da6206714a2953fd48ade3","ssdeep":"","tlshash":"c10186657eaa7952c4f344709bd69070168f128b120f705baf3596be424050120c0d30","first_seen":"2024-04-30T18:55:15Z","last_seen":"2026-06-25T01:06:10.192361Z","times_seen":30,"resource_available":false,"data":null}},"time_used":777,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":600,"receive":177,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/o3_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.793Z","timestamp":1782349533793,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/o3_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2362\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9058,"size_decoded":9086,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"c68bcc627461911030befc3d290f7342","sha1":"58e37e3584323f974b8c07f30c5dc1ae2e21b4ac","sha256":"9692fb2e6ea236083a898403714cbacf006d60f62b21a470d0bf99a96f8937ed","sha512":"9dffd9e3d409fad8538925609fd6d881a1c72df7428660d589049abb116b8f4eae58a005b4d4aa36993af97412461d477fcd7c00f2e123314e2e43f89227a04b","ssdeep":"192:0eFOTveSn/SJzoiCKNzr0d0joeSOrWefrynMBtHS3:0j2Sn/aUoprS4oeSJfMBtHQ","tlshash":"8b129f47ba444d87c863effc40516cf36a5626e95a37629e390a01ef1ff8d0a9a03155","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.563626Z","times_seen":564,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":545,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/xinfin.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.800Z","timestamp":1782349533800,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/xinfin.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2315\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8981,"size_decoded":8573,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"60f87e16077bd56afa4dce8e0651f619","sha1":"6a803a4c96451869d22c84920d262c6c6a0b7f52","sha256":"886989ea7749a43c57edbc97d5e2d133061c68c204c25b5ded17b9dfd623a9a5","sha512":"3f0bef602cd653e85a682ee0c0f78cf2ff965b013efea89578fd7c43c58d921cd8b2a18af8459d9977e72ffc9ea67f2ac4bc1d94b33923b3f77a412e23ee617a","ssdeep":"96:U7lcn2U1OsATWXaRCAHGroxs8XFZo6Kqwwlpfqx6f5s61c3PyiZcqe8isTWYQCp+:XBlXaHx91WrPV6fu3PyiZcnQVBpOHP","tlshash":"a602ae8b7b2c4266f200cfba566b112a5e671821f133decf4b66e5a8f0b1851d43c4e4","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.194218Z","times_seen":595,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/via_wallet.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.815Z","timestamp":1782349533815,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/via_wallet.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1f58\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8024,"size_decoded":7571,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"1b3b4abf57877c3b029aa9bd3c7f9c77","sha1":"a726fb89d2b09b7c1a1d7c3b3bc716ad73a11280","sha256":"ca134a16673ab82b382968b51004d66e636b6794d60195e8dd8f38d222a34bfc","sha512":"ea6dc5c1681a89c80e4db2377e8fcaf4c42bb9ba1ac4266d566ea5e66f841ac86084de8224882905cedb2013b8aca74e608b10bb310649e55b7b2ab1692ba1bf","ssdeep":"192:cgS1bypHHrUUz83y/5bmg877GRW9F8M1UjslUkoGpF:cghpHLKoIg8PG6CM1+sVb","tlshash":"82f17e3ff246aae9e269e87045c72ae4c5ff21d5ec35c79c9e05ae0c0c17809645263d","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.635524Z","times_seen":778,"resource_available":false,"data":null}},"time_used":527,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":527,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=vespr.xyz\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.702Z","timestamp":1782349535702,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://vespr.xyz\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://vespr.xyz/apple-touch-icon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 3682\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Wed, 08 Jul 2026 10:01:58 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":3682,"size_decoded":4488,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"1e361e5f3848a8a8a91bc8e26935e695","sha1":"d2a2352c5d6c1cb14c213f573905ac402d49980d","sha256":"f989950f74047b6ecd4404584118ea30d2544862b5319c0b72d5d5932a616c64","sha512":"567478b4f55f3c222dbbfbe523a68bd4b6f12ed77b31ecbdb7746df7132dc0b922dd6105c9ebbd76d3ddd5f22073a6378bca60a75e55f0783d691f5124f0b04f","ssdeep":"","tlshash":"8a717e8116166425e7963b9c6a6d11a7cfd5490d7d04c284ca5fa8cc8bb31db93fc783","first_seen":"2026-06-25T01:06:10.19528Z","last_seen":"2026-06-25T01:06:10.19528Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/phantom.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.738Z","timestamp":1782349533738,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/phantom.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-18af\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6319,"size_decoded":6666,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3","md5":"dc8543d6d5afb7a1b8371f0849447cbd","sha1":"1a8524d542b2a8f2b1228fd93ca92a87062d5af5","sha256":"e191d7411a4272d2587966baafda1b5f3d68e0c10d95d1a6c316ad44298cb7c7","sha512":"0f08e625be77cc25d61df00272655b09ad9832d3f94b773aded09260fc15e78510125974133d885dce1046fde3029c76afc37122184c04bbc21341321e736ae5","ssdeep":"96:yEjdgdw1TVzPc86y2fGrbxWdUNstPYBh9cy2ZZgx9Ee0nE4smKZ+lsYS0NkIhKGK:yCv5L2fbU+tnyKLeoR7KZ+l1SSkkAyu","tlshash":"8cd190981d06cc14c7acf3fa3fa1665aad43d1f92dd6113b4908d180d0ebc56ca1da00","first_seen":"2023-05-12T01:13:02Z","last_seen":"2026-06-25T01:06:10.196336Z","times_seen":62,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":595,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/js/bootstrap.bundle.min.js","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.720Z","timestamp":1782349533720,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/js/bootstrap.bundle.min.js HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 23 Apr 2026 16:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ea44fa-13a70\"\r\nexpires: Thu, 25 Jun 2026 13:05:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80496,"size_decoded":24370,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65299)","md5":"5cc1b73e70520fa84b1846afe0ec8fb6","sha1":"69f688858b7149c561c4a1fbc496e9e66b3df2fe","sha256":"e4fd49181388c48ec5040bd3fe66f57c29c8e67fcd8502b3354b96ec7ab47cc7","sha512":"1ef3a326b7703690db9062481b664da83955a8ca3beea6ece0c7b871a8741e80eb7e1adb03ef12065667d4aaef010c3b7082cb3c526f770220a61cd098c9be3f","ssdeep":"1536:oH5mi07eR2tgYR6ifTGqghZxBMzFhhX1fhKCywwPesX5L08g:yNwhh+CywwWsXZg","tlshash":"7673d6593245b4730ade85a68037430bf2265898b64b812cb57cadde2a7dcc27277f78","first_seen":"2025-09-04T15:51:36.009011Z","last_seen":"2026-06-30T02:49:26.338611Z","times_seen":3090,"resource_available":true,"data":null}},"time_used":455,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":455,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/coinbase.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.731Z","timestamp":1782349533731,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/coinbase.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2b83\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11139,"size_decoded":11093,"mime_type":"image/png","magic":"PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced","md5":"7774bb57b27c817e15ec7d9212aac06b","sha1":"46f00d4eb0d3d0c91c3aa3908c0ef24f8866c762","sha256":"11b144fe3230a877aa99ffc5ec3e20d6c2df6d41f8d31eefe017b9c184a87f24","sha512":"9a2c397b9915738c2dbeb69a61df774723373373eb1805371745fd7813fce94de18e051dccf668aa96cffc8b4756f8dfe2df24f354fdc5b9ffde2eb70fe18bb6","ssdeep":"192:kmNctlv0SFSQY2d5tHT4kg4FZ7ROId+82iW34SXg6dKoPoadx+/T17+fqEUXARpS:km+tlv/Fq239T4ezY8KXfd9oadE/J7Br","tlshash":"6a328e41b385f7131bbf6a0cbd16a6a09e3f598d130bc9f8361490c4ec6db79819d399","first_seen":"2023-05-18T08:37:01Z","last_seen":"2026-06-26T01:27:54.614676Z","times_seen":261,"resource_available":false,"data":null}},"time_used":601,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":601,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/klev.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.742Z","timestamp":1782349533742,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/klev.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-124a\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4682,"size_decoded":4976,"mime_type":"image/png","magic":"PNG image data, 200 x 200, 8-bit colormap, non-interlaced","md5":"e1baf72dac900228a468897836b2c0cc","sha1":"5a00049edcb60e792d36891ec6ecd763a6219891","sha256":"d477095254947ce0dcc8ee8268aee416a7b7ceded0d9fe9b100530b07a84920c","sha512":"7aebbe9d0893bbacf39aa8d541f015accddc58c6b1dc17370d64ca6bdd9646ec47d1f28b9ee6a25614e7bd0628986a37cb0ea0dfac92d7a239ef08b91cd2c270","ssdeep":"96:44cPYczZLUIXTgsuPbfv90TQTiEAcsDLM1KiXSkIgriN9JuSubBF144hAF:wjzZxTgsCFuQenDLM1TX5s9E24hAF","tlshash":"33a15d81686ce03d246508f794b630e8aa7c6f7708babae94d6832d601f47e1537dcc2","first_seen":"2024-04-30T18:55:15Z","last_seen":"2026-06-25T01:06:10.198567Z","times_seen":45,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":591,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/via_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.780Z","timestamp":1782349533780,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/via_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1f58\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8024,"size_decoded":7571,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"1b3b4abf57877c3b029aa9bd3c7f9c77","sha1":"a726fb89d2b09b7c1a1d7c3b3bc716ad73a11280","sha256":"ca134a16673ab82b382968b51004d66e636b6794d60195e8dd8f38d222a34bfc","sha512":"ea6dc5c1681a89c80e4db2377e8fcaf4c42bb9ba1ac4266d566ea5e66f841ac86084de8224882905cedb2013b8aca74e608b10bb310649e55b7b2ab1692ba1bf","ssdeep":"192:cgS1bypHHrUUz83y/5bmg877GRW9F8M1UjslUkoGpF:cghpHLKoIg8PG6CM1+sVb","tlshash":"82f17e3ff246aae9e269e87045c72ae4c5ff21d5ec35c79c9e05ae0c0c17809645263d","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.635524Z","times_seen":778,"resource_available":false,"data":null}},"time_used":557,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":557,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/walle.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.848Z","timestamp":1782349533848,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/walle.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1121\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4385,"size_decoded":4161,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3","md5":"8aaa7397f533b7f06cbb667779fa82a2","sha1":"8fd75fa5ac328b68fdf589101a22763580ed8ab9","sha256":"8cecf985296b8abe99d5749f1dd32ed51748d97e642ecb7b0ea6602bf6de22ff","sha512":"5c996c2ffe0377be5c9b878c55564671e7c589a043e89a6eb5337df13a0af7435e458b08a00f9e90279ab99033846c9c3ee52534e1c94ea623d3f4dbb219c217","ssdeep":"96:fo8HzzrPGbqBr3Ca7I5tQ74j8dX10A+gtRE78Ot9/bD58O:fo8ea7I5i4j8dX1+uU8Ot5Dj","tlshash":"0e913c134d6b8991fb11d975a3e0715bd2147971a28aa9a1c0888a700f8ebd80d4e0e0","first_seen":"2023-05-18T08:37:00Z","last_seen":"2026-06-25T01:06:10.199626Z","times_seen":215,"resource_available":false,"data":null}},"time_used":495,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=subwallet.app\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.342Z","timestamp":1782349535342,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=subwallet.app\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://subwallet.app\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=slope.finance\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.363Z","timestamp":1782349535363,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=slope.finance\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://slope.finance\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=backpack.app\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.709Z","timestamp":1782349535709,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://backpack.app\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://backpack.app/icon/128x128.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1632\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sat, 01 Jun 2024 15:44:47 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1632,"size_decoded":2457,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"6539fc683b4a9ca2425abe2878c0416a","sha1":"0894e44f85d532faf8531a18bda1ae64a590d8ca","sha256":"ee3b0a24973f3623b06a48ca9110033a9f9d3323b2244ad7e917b19b3088c440","sha512":"2b3d8f60caa0c58935d56691d579f868baca524ab3c39575eeb185249abce152d640771dc4584a86d992bbc2418022e9cbc6fa160f04f20ee9aaf5683cfb3a23","ssdeep":"","tlshash":"fa31a3d6a30f38fe4b4a2e7f013754b270ca062e3fc55704501616667ca6a439ccde22","first_seen":"2026-06-25T01:06:10.200967Z","last_seen":"2026-06-25T01:06:10.200967Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/walleth.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.756Z","timestamp":1782349533756,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/walleth.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1c39\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7225,"size_decoded":6771,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"eb31718dfcaa184c92939eeb80409f0c","sha1":"abc5e316aada45ab95fd22320588031aa5b7083c","sha256":"5b17b2831da88db4aba84e58cd502092d778a6cce1eebfaf508096fcbd58b1ab","sha512":"d6dc3751424e3eb3372cad73fd34d090e4c7791885210e4eee7d0f69c45b8f81f8c3b3c572307405360bea92eef25bb50d033b2b63ec15f9b5ab14324c2c0457","ssdeep":"96:XXypRMGsaaguUYpsNxKDqehtmBEeeEV2/SGOvCEdKPh6rdoUHT4WON+MscXK:HuG5ZiSD1vBee82/SpaYmgoUH5OY","tlshash":"90e18e0abe0eab15c65dc6f06d902f74bff1062a40f48f1d0f14ed7461b92e64a608d7","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.715479Z","times_seen":704,"resource_available":false,"data":null}},"time_used":579,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":579,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=zengo.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.334Z","timestamp":1782349535334,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=zengo.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://zengo.com\u0026size=128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 00:48:31 GMT\r\nexpires: Thu, 25 Jun 2026 01:18:31 GMT\r\ncache-control: public, max-age=1800\r\ncontent-type: text/html; charset=UTF-8\r\nage: 1024\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=subwallet.app\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.944Z","timestamp":1782349535944,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://subwallet.app\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://subwallet.app/assets/images/favicon/favicon-180x180.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2227\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sun, 27 Aug 2023 01:06:39 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2227,"size_decoded":3058,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"fbaa77fd8bae5a56b9ddbaa0f3569a46","sha1":"cdada9159a8ca954570e4f445db713a053d551d7","sha256":"31e3c3cc6c6104fdd331c84ab8d82ce80b568ae40220f5a3b762668fc0161dbb","sha512":"acaffb2508e281af3f985267a066fde7a33188e88425e9f158fa02a4cd6d5bcc413f9bae0639aa250061316522f3a3283b125cabeff4af0968f3f5e2a23a6f61","ssdeep":"","tlshash":"61412c609503a4f201541a45f23ad36a6d13bed6cc029dc6d1063565103b961d78bf15","first_seen":"2026-06-25T01:06:10.202913Z","last_seen":"2026-06-25T01:06:10.202913Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/valora.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.788Z","timestamp":1782349533788,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/valora.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2971\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10609,"size_decoded":10643,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"c57a301ca7c3047d549f5209e6d8c95d","sha1":"7e6f2b7c04b84d37d12183894921faeea878f29d","sha256":"b23c73a3e1ed446e7cbd862b49c352aa3a4a0e0dc6d67e7a2da52f981a93d304","sha512":"c97a18d8124a8348d03e9e77751139dfdba339f986d88fa60b88a3171dfb6fa88d9f339d7601be88377edf541b15ab6067e47b8dc7e2c7ffd002b879b2283517","ssdeep":"192:NfDC6AKMlx330763Xu2/niiN2QSy0lbupc7WLCGlOhvxg7qdL/rpXe:Nf26qY6O2645m7GC1hvx6ML/rU","tlshash":"ce229f6afb809512e9a7ef73d01b628f9beee076582742cd14a2301719c40a12fd5947","first_seen":"2023-05-09T01:47:42Z","last_seen":"2026-06-25T01:06:10.203778Z","times_seen":235,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":550,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/guarda_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.789Z","timestamp":1782349533789,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/guarda_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1f60\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8032,"size_decoded":7687,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"521d0a27dff013b0b9313ed91121b20f","sha1":"8d4a2cb408105f8b87fd1cb852ab813913227ea0","sha256":"eefc338f4a2058461b6800c0fc41481ad508984f3ac5cd2c49c14dcab80eff06","sha512":"41da961f1b7f73aa69b1cf2cdef84eeb71692ad1d4367f92f7f62ece82db3355368ecf728d9136453385418fec0b051d8152b868e3f164e793e73dffe22a94ec","ssdeep":"192:MuTHUGc+/wV6jZFdkGFTQdAwjmIBONupxJL4jB+:M6HUb+/wVAFd/T0jnosg+","tlshash":"31f1be3db92b88a4da51d2bfe0169d5123977656fc200f4cb34585d987bae6e11c30cc","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-27T10:02:40.595377Z","times_seen":660,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":548,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/sparkpoint.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.814Z","timestamp":1782349533814,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/sparkpoint.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-203d\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8253,"size_decoded":7315,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"103c31261c3932b698967da37ea4aea5","sha1":"2e3a279b1671a76bc99fd5cac007ffa9408424a2","sha256":"f829d44d6a79c943dbd28798fda25a63cc8ea33fb6a5a59924f86f1048577438","sha512":"6d9bc985367f3602f05da022602e337a6564546b614bcb7bc8219ea482356a8f5d4dd5b2b7fb95f31e8d046fa99b910a71acc8a1b901eb763c7e0d7ca5756cca","ssdeep":"192:T9SM/Zs5Ezv5DhFT8bT+/pJ3ftZg2Gs/V1Z4I7UT4:JSqZDzxDjT8b6/pVvGqV1g8","tlshash":"74028dbf3779a546c792e3fd1aa45476b20e1b307f0755cf316137739586104a52b50c","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.204612Z","times_seen":472,"resource_available":false,"data":null}},"time_used":529,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":529,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/zerion-icon.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.750Z","timestamp":1782349533750,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/zerion-icon.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-217d\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8573,"size_decoded":7023,"mime_type":"image/png","magic":"PNG image data, 704 x 704, 8-bit/color RGBA, non-interlaced","md5":"c152e221a80b577c2ae96334b64f2a7f","sha1":"3a68867c87665acdb4642523b1f81361078ea94f","sha256":"05b68b9f017f7b2daa55216aa6209154436f2759c897b7079b111ef996ccf61c","sha512":"ed429ad9f7b86252ac1a9f4eb6bb8368cb0dcb5d0684f56bff7ece21dab7bfd6ab9e7eaa9cb942620f7061351075d65c17d96526cfd1c3d06870895bade3e5e8","ssdeep":"192:RMyTjwZU9grGMYT9RVAb/KFqbT1I3HzRTHeqoXseI:RfUYxMYTTKbyFU5INHe3XLI","tlshash":"e30254f9c130eaf2dc7e125ef411870579199f2932c2877cb72b5b642e276bc863161a","first_seen":"2024-12-24T01:05:45.440942Z","last_seen":"2026-06-25T01:06:10.20517Z","times_seen":18,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/spatium.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.822Z","timestamp":1782349533822,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/spatium.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-ea0\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3744,"size_decoded":2014,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"1d80c66d4087666473477ca8852636e3","sha1":"e0d4fc2b90a5ecf937509a0de9df338c0a5b4096","sha256":"c9606c925968e9c32a18cbbd923d6ef5341365be3306b797ba35fe72d435464b","sha512":"8fcf0c2687d0a1096e7d42a76582e06fc99996c52bd6491198dc20ca74d0e6cbfb2ac9dd608dfe5d3fecf0a80f23a28aed9eaefde0a537ef0d0c1762910e56a1","ssdeep":"","tlshash":"9071c666bb50a30cfcbbc8f1802d59f53317627208c99e8e5588b04eded90e5e82d8d5","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.205777Z","times_seen":509,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":520,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=secuxtech.com\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.696Z","timestamp":1782349535696,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://secuxtech.com\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://secuxtech.com/cdn/shop/files/SecuX_favicon_0de344f9-c666-47fa-b70a-5c5403090bb4_32x32.png?v=1644396053\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 651\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 06 May 2024 19:50:30 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":651,"size_decoded":1528,"mime_type":"image/png","magic":"PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced","md5":"c4a36e20d3bb64ba0e8eaed9f1f0f13d","sha1":"e7b68e413a8b5a9666ee91eaf73cd52cf0a3d215","sha256":"d0b7594a0c04521dd67720e5f37a3badf86bdf3a048772f96273d0f5d1bf8b4f","sha512":"f9fbeb127f19b655d55df0f3d9e6e967037cffeb050da5958cdfc47bd339da1ee6c792f55d479d9baa3766fd600d993a3e8e31e137beb48815cb3520d6a65801","ssdeep":"","tlshash":"f6f0c8617131986ccc1039333e9129c5643b4e1d1705c16ea58b080dcd205864a0aa27","first_seen":"2026-06-25T01:06:10.206341Z","last_seen":"2026-06-25T01:06:10.206341Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=leather.io\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.863Z","timestamp":1782349535863,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://leather.io\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://framerusercontent.com/images/B3gKhT86bl5l73BjI9PNf4mdU.svg\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1673\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 18 Aug 2025 02:25:02 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1673,"size_decoded":2507,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"3e91e9f9363de5b2a672e137b15d2c91","sha1":"2b2caf2efd1b32190b0ec490b4074ef0f3426381","sha256":"474ea3d7622c02c5cf6fd7a5c432ad7391da838389cb6bab2104f03c80574090","sha512":"79b15397a5c52a8cc8a69525d3fa291a9b0194ee8755caa3ebb30bd33b9319243f06d8cbd6b37498e0c4d7dc59b966e5a1035599a2051474e4901ffc63285c4f","ssdeep":"","tlshash":"fa31faf04650cab56be554341beb50357f2019495d4603b06a6dedd0e57f5ad31c10bc","first_seen":"2026-06-25T01:06:10.207206Z","last_seen":"2026-06-25T01:06:10.207206Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/js/ethers.umd.min.js","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.718Z","timestamp":1782349533718,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/js/ethers.umd.min.js HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 23 Apr 2026 16:12:42 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ea44fa-7f76f\"\r\nexpires: Thu, 25 Jun 2026 13:05:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":522095,"size_decoded":162042,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"556e49c10fd81a990b6281dcdc87bcd9","sha1":"4e5c00395339a8f4fdfa2ed3eb37a0dc00a7909b","sha256":"9a85a5aa81305f85e6546452fd2093a8a68932bed3cec4f6491e4d031a90bc95","sha512":"7e2dcc5cbe076d1c2d18053dda25b46c21f667367c1b28d13a2b489c507dbf8500a9f083328f1e54d417647ea8ff79cba9b7a97c9a1e5e35043cae9aba9861b6","ssdeep":"12288:2u8zZJf+vZGJzPfQAqa24VcpPfC1WgplCvPPko2Nz7jTO:2u8z7f+vZGJzPfQAqa2T4FAs1Nz7fO","tlshash":"dbb44cd132e3647287c618e52c650902f238f952705d44ecf66cdde26eabd8994bbf38","first_seen":"2025-12-21T04:14:54.672175Z","last_seen":"2026-06-29T14:49:31.640409Z","times_seen":333,"resource_available":true,"data":null}},"time_used":456,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":456,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/bitget-token.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.752Z","timestamp":1782349533752,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/bitget-token.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-d432\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54322,"size_decoded":41177,"mime_type":"image/png","magic":"PNG image data, 2000 x 2000, 8-bit/color RGBA, non-interlaced","md5":"f8649d2de7e84c46e7e6d0425d35523b","sha1":"617b31724dbd7c4cfc6d5f1059351e4334041c3a","sha256":"896216666358542c90d2506cb5f1975d7027bcd7f29c9c5fa4e959067e1182d2","sha512":"51435264c49654efc1d972ec23a1f7e12f458dcf451318b1a2b5888ae247f29b7cd1bc087bc92cc616e8054d08735b3895fd87099cc07af816e96bc13accf767","ssdeep":"1536:FvMk2VSTm5fKJeKVTUPbis2e1qnkL3yEEg73Kj:Fvh2ATmFkeKVwPbbPP3yEN3w","tlshash":"a933bf9553b28767f63c5bb6c8bb4b016b6004001433e702671af61dda76a5cfeaf9c4","first_seen":"2024-12-24T01:05:45.442604Z","last_seen":"2026-06-25T01:06:10.208827Z","times_seen":47,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":582,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/sol-flare.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.753Z","timestamp":1782349533753,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/sol-flare.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-615d\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24925,"size_decoded":23019,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x480, components 3","md5":"e89109d0692376cdeae54e2ad4b10cd9","sha1":"4ae70c5c377d028715c67fa3dd16f6dc2cda540b","sha256":"0f7e843aac697a89456a2406587c459550b07287bf2c2f9f3c17213e54845a36","sha512":"249e01391dca898fc227aaccf6c2bcd06cf5214f5327ca462e52b0a5b3c8fe952bb573a261d742bc8880ff7e9d89fd859b1b5e32a24cf8a66da8160ccc64506f","ssdeep":"384:uOHhROFk3v5TPI13D2cfY9atTqdD0tPuLyqupAkR63caTQHFphEtU/:uOBRj6JD2uPuLYAkR6sHBEt4","tlshash":"51b23903ed089b93f4599bbcbd1389796f492e18fa9737ea55624e8336203224d4f43d","first_seen":"2024-12-24T01:05:45.445414Z","last_seen":"2026-06-25T01:06:10.210004Z","times_seen":15,"resource_available":false,"data":null}},"time_used":581,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":581,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/easypocket.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.778Z","timestamp":1782349533778,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/easypocket.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-17bd\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6077,"size_decoded":5832,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"68dcb1da71ecb585c52aa44ee3dcccc2","sha1":"8c702a4f8d1c68bba1dc8ba1ee165f9958ef708a","sha256":"97fd6f72e2ffccc20b821c4b8f0a1ab9644df31860bc236dc17390e83328aced","sha512":"c436c37758e9094362772efd93367ef493084329a8739ac7e781ff3f8e297eaec27ccda3fb352111fb70594c858a38b405eac88ffaef47c31cbde69d1de02dfd","ssdeep":"96:Z6oFdipXHSLJ2X9oLF1bKkovt2uokMLjmBpLoO8IPwTHsYAy7p5joa3:Z6oFdiZHSv1GbsRmB2IPqsYp59","tlshash":"f8c18e59f0899294d4dedc34f5e03832822d55f3db4c3e4e27072864b13d0aaaf9a0cb","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.644405Z","times_seen":720,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":558,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/unstoppable_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.783Z","timestamp":1782349533783,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/unstoppable_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1acb\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6859,"size_decoded":6467,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"73e8f4bb9a641d6c33e9610030b74a53","sha1":"8c09555af9ec61e077ad6304f780aefd40d469de","sha256":"f50a128c69596cbb101cec84c8c0c479af3f548c10fad011727f5d5f10ebb479","sha512":"9827f364780bf98a7486eb1b8f7d83b47925d5e1ee2870c17222da57991b3f0f73021ecb20dca73871599e1969465304b9eb7575233546783855c3b71df6f307","ssdeep":"192:wlqviSuns0AVZ/c6umyClei4AQbOSfBBVV:wl8izQV+tieipPSZXV","tlshash":"dfe19e47b6511949e89fe0fcfe3681459732a57449cf3e0e22f6985c7a1241db0e0e76","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.616096Z","times_seen":786,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":554,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=backpack.app\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.336Z","timestamp":1782349535336,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=backpack.app\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://backpack.app\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 333\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/safepal.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.774Z","timestamp":1782349533774,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/safepal.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-253c\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9532,"size_decoded":9214,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"a72d311b189775eb7dd380a6009f7e79","sha1":"8040476622c565f354ea858a41124ef1f02a7835","sha256":"fd649b8ba5a3d4ec37b1feb668f78b8f6794abaf4f9a9fbef5f4694335e4181d","sha512":"6d8f2b3d99b1064132a9c4d75b7dc65f030d621b611c3be12ecad9be37107ab911099e84955b75078940c5ae3566e4372583c9ce31ab98b647e8c0cdc2f04e12","ssdeep":"192:UT7SPFKMK8KkOfexEpDJKA3ZABxQOopnlDC+iEDKxg3/1d:Y2P4krGKArhq+DKg/z","tlshash":"4412bffdf2f28195e5d4d73b7537c2c2cbeda996c496424f450d51938288a833fc84a1","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.212728Z","times_seen":546,"resource_available":false,"data":null}},"time_used":562,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":562,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=typhonwallet.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.358Z","timestamp":1782349535358,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=typhonwallet.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://typhonwallet.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 336\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=leapwallet.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.345Z","timestamp":1782349535345,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=leapwallet.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://leapwallet.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/cool_wallet_s.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.769Z","timestamp":1782349533769,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/cool_wallet_s.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1c44\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7236,"size_decoded":6147,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"97c7f6191718e13dd0297ac906b7b7c3","sha1":"72e2dc617e184515ae50cce89e3e1dc2f30e098d","sha256":"9d1eac67b14b71ed6228ee2e1f621461c2d886cece4de6d7f01d9863b736138f","sha512":"7cf15038d2cdf2560895c3ad89cee1026290950e2f82f8b90bec45aeb759760f48d01886e5865ab3951f07932b91bc541b21d8f172e81da4d3340940ca7692f7","ssdeep":"192:6AZZ6CJD6w66klLshDYu/7scdBUAlY4TvJ6ElfpLRdpfnORj:6AjbAgn77Y4TkE3Rd1ORj","tlshash":"62e19f4936f52e23eb0afbf47543e9960f52955178bf0c0f74912960223a7a2f448a5c","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.213435Z","times_seen":584,"resource_available":false,"data":null}},"time_used":566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":566,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/dok_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.785Z","timestamp":1782349533785,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/dok_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1e3a\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7738,"size_decoded":7198,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"228691a2d60656d05507fb1b3b033494","sha1":"c2162d22f053049a5a22eda04c2118f5fb8542d2","sha256":"2c43d50ce18477d5b45372d1122854882e74220a8fdd4dacb38a198fb30accc1","sha512":"7e3b2bd8f78a419a7dc48819d324b5825ddae140b33e77931b4c3c6b06b192ef3c23c96776d4ae7b6cfaaa607f18b6af81a823e6a434555b260510a16e39c76e","ssdeep":"192:q/72YjtcBBqfE6K3DCz5X5vKkniikL0+1kPlknPs14x:qTmqfE3DCurib7Plu","tlshash":"4ef18d6b7d00ae11c92dc27e122d6f8aae68a520c8d765ef42de1b87048c90bbd44e52","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.214163Z","times_seen":666,"resource_available":false,"data":null}},"time_used":552,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=martianwallet.xyz\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.338Z","timestamp":1782349535338,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=martianwallet.xyz\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://martianwallet.xyz\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 338\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=coinhub.wallet.coinbase.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.363Z","timestamp":1782349535363,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=coinhub.wallet.coinbase.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://coinhub.wallet.coinbase.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 348\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=nightly.app\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.712Z","timestamp":1782349535712,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://nightly.app\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://nightly.app/favicon.ico?favicon.b2e42f96.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1777\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Wed, 14 Jan 2026 05:40:46 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1777,"size_decoded":2617,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"cfe284fad0f4bd7de8d6268d794ee0b5","sha1":"265a9cc1297647feab8798f629499b36f9686b9f","sha256":"20786391094f1b81a2208de41f01d5a0e1bb2013e625bd77c5cc2a8927be5def","sha512":"61ada97db0e619ecd772ed04a8d2b814a9ca0a38e481d48f9b300090b23de8faea21544f7eb5c68202f428a3e2c125273c8b4c7184f4ee6c948a85d3876f35fe","ssdeep":"","tlshash":"7631e7e62016fa08604ecdb0a0bd6930cdfa85ae6a72047b6779a80dc90445725e138f","first_seen":"2026-06-25T01:06:10.214758Z","last_seen":"2026-06-25T01:06:10.214758Z","times_seen":1,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/eidoo.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.829Z","timestamp":1782349533829,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/eidoo.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-39d9\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14809,"size_decoded":11596,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"2eee070ed91a8e2515826a29f7a862e4","sha1":"2a789d49fbfa9ee93f26a403299cc3c3a9135d95","sha256":"b17ff4a4c72d030c1db9ee2c6a299c8a5adf5b9d90b96709280249758754c7f7","sha512":"4c7cd72988abe550a7df23e0436f4bed1ecefd29983fba749feb1c609ec9bf9dea088163cdaccd9c6df0e58263978f5b21eefa43a405fee9ef2cf65f91fa07da","ssdeep":"384:Fd/cmmBL1ALrRuS0G7m3f810B3VjKxe0a1:FGpeLrkS1q3f810Bsm","tlshash":"19624cc1bc524b698ebe4bf20dea920693600439eef37e7c1d136de9d642d5e8607709","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.64769Z","times_seen":665,"resource_available":false,"data":null}},"time_used":514,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":514,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=vespr.xyz\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.359Z","timestamp":1782349535359,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=vespr.xyz\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://vespr.xyz\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/walletconnect-logo.svg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.725Z","timestamp":1782349533725,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/walletconnect-logo.svg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-95f\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2399,"size_decoded":1420,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"37f2bc6ecee2eb29b3cf6799ce58bf58","sha1":"f4179a08aaf6cb02a491470c8c1fe9b462c0775b","sha256":"7e7d839b76874273539dfb1decb8aaa80c8cbe989f70fcf8d719f6fe004dc1f1","sha512":"9c6c47bae6d75583903269715d2e773b120eb143cbe0c5a33f015f22ab7e481078abd4fdbf83d67561aeb39dcd49254da21083554af5b6713f7dac54ee2952d4","ssdeep":"","tlshash":"384175cc434057b1784aabf736de55be2d2834da6bc540b8be988f066e1d2c7601b19e","first_seen":"2023-05-13T19:57:01Z","last_seen":"2026-06-25T01:06:10.2172Z","times_seen":315,"resource_available":false,"data":null}},"time_used":606,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":606,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/shield.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.850Z","timestamp":1782349533850,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/shield.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-6773\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26483,"size_decoded":26462,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"bd5184a49013680b05b732a3689e2fef","sha1":"ded01b311bb9b6636d14f8b1b75f649448641483","sha256":"8b4bf0c7452227d4b565ecdd3d94f2340abb10ced27a5feaaf85b4bc854c0ada","sha512":"3d55715fe00850025a744ec6106b74bff6ad28e3468be0045b8067a8a189b296b867bdf9eea288018b29e64973ec57346569a99ac0a14669fe3e3919ef8b6b99","ssdeep":"768:qBoCpLaqZL88/QxKe1QcJpBMfW6uwnJRD0e1s9ySJl:qaCpL7ZA8/QrtJ7MfywnJRD0Qs937","tlshash":"3dc2d0a2f1e26ede511a013a94754a607cac3cea191ced4079cd6b29cf83bb13fed045","first_seen":"2024-12-24T01:05:45.534903Z","last_seen":"2026-06-25T01:06:10.217997Z","times_seen":14,"resource_available":false,"data":null}},"time_used":493,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":493,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=suiwallet.com\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.689Z","timestamp":1782349535689,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://suiwallet.com\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://cdn.prod.website-files.com/680905cfdc450738383648a6/680905cfdc45073838364974_webclip.svg\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1951\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Thu, 03 Jul 2025 13:36:35 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1951,"size_decoded":2835,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"d1a6c7e2127f49f5658713d09d39b91b","sha1":"c36c5570ea9ef2193c674568f8362d5779c20cae","sha256":"c1634e6d6c6df68faa3bfe12f52e2b4629a2764300dd8ff70e3edbdb5fac2c69","sha512":"f47b8fd9d680b9e6566308cc1b56dcf8dc046695784406385bc2249b9b66f1d154769b5b494b8257d442d27bc9bb467fc4e83494619a555b48a961dba954aaea","ssdeep":"","tlshash":"43412cf7dffa5530194831971245d626be8dad41642dd7c2e448d140c792c9236d738f","first_seen":"2026-06-25T01:06:10.219317Z","last_seen":"2026-06-25T01:06:10.219317Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=namiwallet.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.357Z","timestamp":1782349535357,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=namiwallet.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://namiwallet.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=lace.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.361Z","timestamp":1782349535361,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=lace.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://lace.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 328\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":81,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=walletofsatoshi.com\u0026size=128","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.864Z","timestamp":1782349535864,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://walletofsatoshi.com\u0026size=128 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://walletofsatoshi.com/assets/images/icon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1148\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Thu, 11 Jan 2024 09:09:52 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1148,"size_decoded":1966,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"0198d94b32ce55c3e3b76ce8eb651aa1","sha1":"40f11fe22959efd3dfc98c2656ee4377b0624d3b","sha256":"39160557301fc82d776b094cd09312d1ea174afce82800c8ebd5e7ac8ffd8cbc","sha512":"fd3d84269c1d32e819c2b736b16137bf45934bd61a6451aa0ae61ffe6aaf1a50f4a98885f984ab6bbf887442182c7b9d32dce11878513f61a3f34ae20e25be79","ssdeep":"","tlshash":"9a21ca13a20ef43cd1b715dbb4d09114eaeadb154cb02062e43a66665bd0344a728b16","first_seen":"2026-06-25T01:06:10.220273Z","last_seen":"2026-06-25T01:06:10.220273Z","times_seen":1,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":3,"connect":16,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=nightly.app\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.355Z","timestamp":1782349535355,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=nightly.app\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://nightly.app\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 332\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/maiarwallet.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.790Z","timestamp":1782349533790,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/maiarwallet.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-3404\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13316,"size_decoded":11727,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x512, components 3","md5":"a877a0fdcf1cb1a9d12d5e115dbe2add","sha1":"2e60dc94c2e53627634707ca4a3aff71a0ad7d68","sha256":"6756b83709c41e0fd3fe78d274976dc2ac0b756579bfbe2d243cd6f4a78e4082","sha512":"7d8bcefc506f8ddc07ebf38fbfbb0a95de8462a0e66423c6c5aa6114e2a785af40906becd1699693c21ed383f124eac90118bf949ee90c0d7cab90a53b5f57a8","ssdeep":"192:3uVQlSXj1Aph9KSzSdL6PxPwMmk99umlD93wE4VVuu0gdgVVPiRwDU:++l0aZSdLkxPvDPum91+VVuu1dOVLU","tlshash":"fd52b0c07b51622bc95106fd008c9789e4febf186bb7d4cde78645dbb287ba694cc188","first_seen":"2023-06-05T12:55:31Z","last_seen":"2026-06-25T01:06:10.221226Z","times_seen":81,"resource_available":false,"data":null}},"time_used":547,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":547,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=muun.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.352Z","timestamp":1782349535352,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=muun.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://muun.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 329\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=trezor.io\u0026size=128","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.050Z","timestamp":1782349536050,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://trezor.io\u0026size=128 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://trezor.io/favicon/apple-touch-icon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 857\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 14 Jan 2025 23:01:40 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":857,"size_decoded":1670,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"88d03c8880680fb3a955816041c59de7","sha1":"9b050b8bfdd283c45484f8c6ce9aebfcb70d2539","sha256":"7a2f9600bcf35a6362a3223784938154dfe1433727c5d561f056858623d4be76","sha512":"3526ec17d9e74decb1aaae5ff91e254e523020e9ad780d2761d2f9edd3291fbb33eb137269447105f12f1227e8a2a49050db154f6a6a0930070d2cca43b29e04","ssdeep":"","tlshash":"9511869854197e85dfe243751d864170ec335e388752c8fa6abbd43c4b5e61e832a00b","first_seen":"2025-09-22T12:39:09.528747Z","last_seen":"2026-06-25T01:06:10.22225Z","times_seen":4,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/peakdefi.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.812Z","timestamp":1782349533812,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/peakdefi.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-341f\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13343,"size_decoded":12859,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"4e707fb79ac3c7fbbbadf5eefb2b49c3","sha1":"1891191d2e706ed2de8f9e8abf1cedb1c3237e42","sha256":"d716ad850f9073128b1d56e364c61bc446a4912d86ebe0453bf20052a2759d7e","sha512":"fbc7b2c88327f2591d10bf1cbc2769163a22189036758d03a9acce6119ca0ea4069cdec4fa78617e71513b5fff83205a5f8f476a515368bce137c17269f9b156","ssdeep":"192:FCbwl963+zqXVST48UXoBwAS1qdqAAAo8HTL2hkPn9hRiKOoKWSQUItXeueaMrMc:FaGA3+zoQ/bLXTKhenNittrQU6eljt","tlshash":"ed526ac27c1288948eff8bf459628893d8454570aeb7fd2f2c637de5ea00f2c55123a9","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.563153Z","times_seen":620,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":530,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/css/styles.css","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.690Z","timestamp":1782349533690,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/css/styles.css HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 23 Apr 2026 17:41:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ea59db-21e8\"\r\nexpires: Thu, 25 Jun 2026 13:05:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8680,"size_decoded":2245,"mime_type":"text/css","magic":"ASCII text","md5":"44d6108c1d2a6c509d47561f28118cd1","sha1":"165190122e1162b0c3e1d0f4cb6701471f2145e3","sha256":"c5c4f099175b5350b5b451dc2299bfcf560775ca7a6aaec3e42b92f97de279d0","sha512":"4852b6aa4ded7786d51127872338295811d2f0626885213599f0486056585ab0ebc7631816265de2cdb4276ef66ec80a258e7f38e01952b77b12b5186581cd32","ssdeep":"192:vrtD8LaNAwRhQEYxkMGto9LDV8UTxk8etALp55UAx3fHFutomlqUYatgiCq:vBgjwRmZie/V8uqMUQF6rjIq","tlshash":"b9020ccb5aa23405bc1ea45879639b9772aad003d40fcebe7bd4610dde8c2f859a134d","first_seen":"2026-06-25T01:06:10.224018Z","last_seen":"2026-06-25T01:06:10.224018Z","times_seen":1,"resource_available":false,"data":null}},"time_used":485,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":485,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/rainbow-wallet-connect.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.728Z","timestamp":1782349533728,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/rainbow-wallet-connect.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-913c\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37180,"size_decoded":32636,"mime_type":"image/png","magic":"PNG image data, 895 x 895, 8-bit/color RGBA, non-interlaced","md5":"e8d23ace6feea45589c6f76ba7d79ab8","sha1":"893d34559409af8286de09f54d9e0abdda628e2f","sha256":"906d749b1cb1f17617b40854ffaa626372d1fb1149000b62159b24d33e0db715","sha512":"13499abf9a9468966a7f5aad9571ab4303060e7d493881f427dc7d65e34b8d393236a861d57bdef5072db7ac90e170e363027470761347a81def0d10813072bc","ssdeep":"768:eAyM8tTRtWVp4vSpqcfyDkZnXWzV9o5rJUIeBa40Tk2YbNONmg:eAyM8tTRtWVp0SLak1WMJUDa40JY5Ng","tlshash":"25f2d0220b48d40eda9dc970528832f9169583935585ce33d0f60faedbd51bfaddaf0a","first_seen":"2025-11-07T14:18:41.506232Z","last_seen":"2026-06-25T01:06:10.224937Z","times_seen":2,"resource_available":false,"data":null}},"time_used":604,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":604,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/1inch.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.765Z","timestamp":1782349533765,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/1inch.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-462a\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17962,"size_decoded":17844,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"33980d05709d80b3caa512c95943cdc6","sha1":"243d8d4f8c578e16df5192cfe512664e864da473","sha256":"b494e732168825a8daae0c748a215053c536842ee7a9b0b7aba94067a757289e","sha512":"1357faac77af996c6dbd63842276e78f6fc7816ce3441e940a88dd374a517364bd6f00d331d935f0787d79536c383e3cc4d2c0bde3a996014f04641b9d6f1b8d","ssdeep":"384:0BpkSgIpA5O770veolRsxVa66crZl5FqjGkPNQB6ai:wpkK+xlExVr6cLGxPqri","tlshash":"ff82bfcafc4828d96e9ec1b7008350066ae985356fbbfa2c1957fed9f138e4c8584748","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.557552Z","times_seen":831,"resource_available":false,"data":null}},"time_used":570,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":570,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/trust_vault.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.767Z","timestamp":1782349533767,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/trust_vault.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-34be\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13502,"size_decoded":12690,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"2c59b7c0c81a6c33598ca9574fe92c8c","sha1":"12262f0f730af892aca76e1e61343a21689f1e92","sha256":"d57de5ef07bf01fd1a0ceae790861ce5ecbf29bc076e03ef7e948e207b8b05db","sha512":"3e79ede6dc88160a95aeba45b21f0289489a40f2eed8ff379c4d0a7f4a6b4ad57b7c1aa2f7cf00c9705c3c9a23128a883678061b626704c9051ed4448c1aadb9","ssdeep":"384:YiDLmh/PA6vmD6FdDp5Pl4PsKHNHq3ps/Kk:5+h/PAcmWFdVosCNHq3ux","tlshash":"7c52ce25f46c77ccdb51e23a9188825142e60ffaa05c39bd538370b901af73ca84f96d","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.567628Z","times_seen":845,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/midas_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.802Z","timestamp":1782349533802,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/midas_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-358e\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13710,"size_decoded":12694,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x352, components 3","md5":"4440d86c7acad101dee957c63301559a","sha1":"fdefd83f9815393ccad764cc611ba2e6bd9eadae","sha256":"e37965ee219a033ebf6e6957e008b212d56bf60e8ba9cbe64760cbfa15460c2c","sha512":"bcd988aa24c9c52edffb8b34c735596e22ce9ec5035d0601429ce583a2d8bea1f770b4b1f095cb9b3aa4f12d0a9683db9cea7b9fb5bff51be68f05f20c3170e7","ssdeep":"384:xxqNzgedRIpUPkx568Q2zml9C5BmGc6hMMWHHDF:bqNzgWhMsX2il6BruHDF","tlshash":"88525ba8f09f97049d81db3b53272930462bb4a9ef6605de8d33677134ae900e9f4f60","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.616609Z","times_seen":701,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=ellipal.com\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.880Z","timestamp":1782349535880,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://ellipal.com\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://cdn.pushowl.com/images/tr:cm-pad_resize,w-192,h-192,bg-FFFFFF00/ellipal/default-204e13c2-1adb-4192-86a5-34e10b45848e-11624.png?ik-s=b94e586a7276d2362cfb4dd8eec4fa016d3db523\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1271\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 11 Nov 2025 13:09:44 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1271,"size_decoded":2219,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"746b20706bad3554f7433872d22091f8","sha1":"860a5ccddf78c44abc192de387e56a9d5b2d4515","sha256":"525753ffc21db7dbfbd54d9c163b96eb87363b373f52b6562d3e22f95c3378ff","sha512":"2688d1fa2b98090645bc51b0c8837529343fee66478012bee00274116cdbc6491e3c62b2d5379ee906558812482309d91f2bfb4d921f1e3ad3372b8982caf0c3","ssdeep":"","tlshash":"fa211aa29c1a9d30fb63130812232062f07e864bbc21c9a278005e5d57dff52523b2ff","first_seen":"2026-06-25T01:06:10.227843Z","last_seen":"2026-06-25T01:06:10.227843Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/mykey.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.768Z","timestamp":1782349533768,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/mykey.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-242d\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9261,"size_decoded":8222,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"c2353b70342893978beccfa3cdafd816","sha1":"a8ed10fb8f871d606a0e340f7c2a274f2eed916c","sha256":"65a2e3a384d8412917b5b2917eb222577222ed747ba05538178741a9b6ca928d","sha512":"e74a2c66bacaf5141a88ddb718ef074fbb3cae253507b09179e0f69af6ed043edb41d58b6cf4842fd920e599dade1a88569f5ccd850c881586f3b51112bbeb9a","ssdeep":"192:EMYhdl0dK1Mx/vjKdB7xvnBNECglMpR5bK7QIW5f+swJjs1Xr:ExXSK1GDKdznBO1Bc+LB2r","tlshash":"ac127df03d814663e646f83045fe0a183766a99aeb9bcf1e5851f163412fbe81a25a04","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.643888Z","times_seen":723,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":568,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/sologenic.svg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.775Z","timestamp":1782349533775,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/sologenic.svg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 937\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\netag: \"67becf1d-3a9\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":937,"size_decoded":1209,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bd9af576e1a404d88b1f7201f8f2ec06","sha1":"cccd63dd7c561bf6f19c87c0788f5271d3f44b7a","sha256":"12274eceef9b015c8ab6de46b1c8e35ca7671069f7845e4a5b07c2a6fab0a018","sha512":"0f7978a4d311a3e7f7b5aedbc183fa1447014c647eceb6b7cb775811b1831ac4228ea58e84c2cfd45417d1163e0c9e54a8313134017e4d683baf37a50e55eca7","ssdeep":"","tlshash":"6f111064830b076899064a5ac6ec79da339e3493a025beecce139b513c04df30c39b7c","first_seen":"2024-12-24T01:05:45.421661Z","last_seen":"2026-06-25T01:06:10.229509Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1058,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":497,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/keyring_pro.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.801Z","timestamp":1782349533801,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/keyring_pro.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-24d1\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9425,"size_decoded":8918,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"5f3cf20d5755aaaf8c7001986b7742da","sha1":"8c60c012bfe373c8ed5cddaeaae6a61a85b16a99","sha256":"504c9a359cc43d40ec0096c5f64aa51440a31389684e7d80436f64edc1deda6c","sha512":"d14b7f15b8c3ce81c65aa9125f9e1f94d46cb1d5312123a6451aededb8000b588ebcc7ab932b5d264c31b5dc7dffba8f961fb8f140928852336375e5fca98655","ssdeep":"192:gI5VpjXFj1FKvLrHS6fdpDM0gAQULSqMc8:g+dDkPHS6fdBM0GULSb5","tlshash":"0c129e213c34c2cee1b6d97a4e9750e18eceed24b60f7bae516935d686393224ece440","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-27T05:19:56.348204Z","times_seen":427,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=cypherock.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.331Z","timestamp":1782349535331,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=cypherock.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://cypherock.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=muun.com\u0026size=128","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.876Z","timestamp":1782349535876,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://muun.com\u0026size=128 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://muun.com/apple-touch-icon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 475\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sat, 23 Jan 2021 10:01:17 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":475,"size_decoded":1279,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"e0104797add67db9d9edb02c7076cc20","sha1":"f0d44b6c82671fa838be00eb81564af2eb7f1142","sha256":"e22ae221884850e59e515324b48688a43458590ddf7487962685fc2a11bb23c0","sha512":"5eea584efc1c729f6aba6232d382b217b4a2f6b73d8023dd67a573d9a1cfb6153ed91558f190d13f76a9df897a93c66fac1d0d7a466ff346930e34a637074ad9","ssdeep":"","tlshash":"4af0d41a1b44ce77e5714872516620f3d3fb31045554785e843543143f0eb5e618fa28","first_seen":"2026-06-25T01:06:10.230864Z","last_seen":"2026-06-25T01:06:10.230864Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/atomic.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.768Z","timestamp":1782349533768,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/atomic.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-30ee\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12526,"size_decoded":12339,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"480248df94d2b0e11d18d8c2c594d695","sha1":"f7247cd551510a4661a04fc21bc4ff792397791f","sha256":"e3a1988e50124aef7c65a07ce80c3fb8327a94274c026c0b47b978c5f6f9d4da","sha512":"dcae5e86f125775e3b5ccdced2a54d4d7e9e514175400104920c5b797d76a024363c65a494625fa173302ae0e2f64606350e39a5de4ed3679103ccdb62c7ef2f","ssdeep":"192:xEsvzGFQE5XauHNUXR9mMLj1wTY+K7rQi32Q5TCSimRgZh6POZB5UfDhEO1cjk/:xYrHQfj1wTnGrQc1iogZh0EUfyO6C","tlshash":"7442bff6744e6be2d61ef4b7c1f40909ac9c1f70aa029b6cf6231189cd77b66369c019","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.667439Z","times_seen":852,"resource_available":false,"data":null}},"time_used":567,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":567,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/halodefi_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.784Z","timestamp":1782349533784,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/halodefi_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1b1d\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6941,"size_decoded":6710,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"b7b86cf653072d036c6ce25b21075ffd","sha1":"d1848f773e4ab91de17efa57c286d21bd38b3633","sha256":"3edd13023131a27bda3e49b23184bee8a7b8c0ab7d283bad63612eb7b339e7d8","sha512":"59c08978f0293fb0ae99fb4ad1ca0448164f1bab16797d4d5d8431cb572c7014df0d62270ba5c37a6f34ef3ec5e3e7b7cd0b00eb582c230bdcb1af41aea48780","ssdeep":"96:d58SnLFHGQDnbElAnKO5vMgiiuYqp29G1JEo5nzeJqNesGs2rdWANdb:/BFHGQ8gv/iSUJEmyJy6rdWANdb","tlshash":"43e1af4633240d1ee52efebb79f25031cd173554e64a864e98b948a60bbc07805ae285","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.232564Z","times_seen":569,"resource_available":false,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":553,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=bitbox.swiss\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.330Z","timestamp":1782349535330,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=bitbox.swiss\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://bitbox.swiss\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 333\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=rabby.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.335Z","timestamp":1782349535335,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=rabby.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://rabby.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 329\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/imtoken.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.804Z","timestamp":1782349533804,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/imtoken.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1cff\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7423,"size_decoded":7499,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"e178ae94e21e6f38e4ee29a0778822e1","sha1":"1a1ce5a9bb337522c7e67a8761c2ea6bbf79a652","sha256":"b2b3f3d4557f701560a3d6039a5c6401d05fe9dec68c71a0ba699606b565f5df","sha512":"2d52db69f05b7628b36b037f8e2c89a49b7c136dc2350bf45d935eec03f23c3d00f5f23359e8750ae13d59fa10b80bcf66edbd2981b8c70af0122c06a5a7e800","ssdeep":"192:oRKLceCfVl2dCb6Y8lrZEKWN0e+11+sFYEKqYeoYT:Tcj2d9SpiA+KqDT","tlshash":"f8e18e497d952b39c281e37815f84b636b6f49a7b278916ef70570880124eb24b4304e","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.233265Z","times_seen":740,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":537,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=roninchain.com\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.085Z","timestamp":1782349536085,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://roninchain.com\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://www.roninchain.com/ronin_logo.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2420\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 27 Jul 2026 08:43:37 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2420,"size_decoded":3229,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"d6bfd096875125d997df82f4192a5cb0","sha1":"e1d624695a76a1fe43ca7b67d5de04e5a6e1216f","sha256":"f22fedf5b9437bfba54022a48a53f45dcd4147cd9298baaa7a3f7189653e4be0","sha512":"ef3009c33d22b500818b28b870803ab20b2326d333ea9f7b30084230207f36a7a8fc678a1332352dc5673f0574c6a3bebb8de6d81f3230fb1ef5153307f0d87d","ssdeep":"","tlshash":"17413dcc770c08bdce5751bc85685817dc55ae724ed0ae11c8b8ef0816f7614878909a","first_seen":"2026-06-25T01:06:10.234143Z","last_seen":"2026-06-25T01:06:10.234143Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=suiet.app\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.384Z","timestamp":1782349536384,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://suiet.app\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://framerusercontent.com/images/eDZRos3xvCrlWxmLFr72sFtiyQ.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 3360\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Fri, 16 Feb 2024 07:06:43 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":3360,"size_decoded":4195,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"c5ef74b411cff43691af69c5e65bc698","sha1":"08223c85a6aa169bc7e38ff4ca230226beb1c8f1","sha256":"7fb9de5061f2f6c44d29350e41ae2d745e1a816c3bee83d31ece6de50de0bc58","sha512":"9b2036c25e304904303aa8bb1f55b63b6a8ddb83856ab294a55bcde573578ca8bc71cb7ab7913a3f61790154a563f4bbffd2df19a0c703c3040d8f0c39578275","ssdeep":"","tlshash":"db615c5c3184daa5d74b1ac8dd00eac261668f1cdf57902a12c33e31262be5ccfd2b91","first_seen":"2026-06-25T01:06:10.235016Z","last_seen":"2026-06-25T01:06:10.235016Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/xverse-logo.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.739Z","timestamp":1782349533739,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/xverse-logo.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-a1d\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2589,"size_decoded":2861,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 204x192, components 3","md5":"4b392fe19a36c787aec1cad1c437222e","sha1":"11531cc49542607ceff7872f911ad92ca5f0f5a9","sha256":"f271f93aad08c6dc3ef977db91a1f14348215782dd404ff6a586cf54d8eb3246","sha512":"fa3750284da544679e3819de4632a83124be2443447650fba466f26de99c0123958a93f516ebf522d54936b2d85a243f9d9548fb2c6b101d866288e46fc821d5","ssdeep":"","tlshash":"a2515bd18945c625de7b23367ccb33b7379d1cba26808899678058fc70f24c5ad62ad3","first_seen":"2026-06-25T01:06:10.235932Z","last_seen":"2026-06-25T01:06:10.235932Z","times_seen":1,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/bitkeep.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.781Z","timestamp":1782349533781,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/bitkeep.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2f0a\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12042,"size_decoded":11567,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"66d74cb438855098d4a61aec2aba71b6","sha1":"0dc06a5dd938feeeb96b0b649cafe65b80965a54","sha256":"795fbd7c08bf5ccf7e82dc12c7dd309d9da4b2aee2dab5e0a678f7ac4e17fa12","sha512":"dcf184f4f6784c65af565aea28834a0bf6600c86a799723cd0beb3c441d1e40b1336cd3c52a10050d20abbae3867c2f8778700ae6c6ce5564897ea44ffec5793","ssdeep":"192:DVLc50id6aj4jkeR7YjTq8iyrfgPyvfzDtphLig6IWVd73N6gjhmUiPMO/SbU+7g:N616aCkeRCriWzxphLigsX73AgjQnrYc","tlshash":"0042bfa77775a49be6a4fd78226fc514a3f228015c16ab2c123fa8730e0c34d1b029e7","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.23678Z","times_seen":651,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":555,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/infinity.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.820Z","timestamp":1782349533820,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/infinity.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-32ab\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12971,"size_decoded":12191,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"340d9d8c59bb8e054ed894fa94d0e5cc","sha1":"60e94abce90f3502cb6f25191b5a78155d82f2a2","sha256":"1e885055bc6f59e17d4efb79402712c35c6c93752529552664e21835dbb6873c","sha512":"6dbb301e1ee852b81493c1d66ec04cd45bc7a0b09edb7dcfaa6aa32fd66c68d3b2fef5c41aab388f93db6416815239825bba933b13e632d5a239166f2894860c","ssdeep":"192:2We0XfqmrFODg7iUr1nfMtRbUzhbw586gGKt6i9lTAAfzZ0Fn2qHboyPV71:jymrCg2eJfMtqzhbm876ifAOzOnbZ/","tlshash":"3242a059f1b50230e20dd5398dec29f7f0542bd451a6eb6ebc1739fb67285a07b42c06","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.237291Z","times_seen":385,"resource_available":false,"data":null}},"time_used":523,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":523,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=roninchain.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.337Z","timestamp":1782349535337,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=roninchain.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://roninchain.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 335\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=aquawallet.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.350Z","timestamp":1782349535350,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=aquawallet.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://aquawallet.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/math_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.764Z","timestamp":1782349533764,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/math_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-3429\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13353,"size_decoded":13557,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"60f4289459b9326996863cfa52422fe5","sha1":"e057d71ca36992fb6f62dd7c1b84b9d39f921ac8","sha256":"43cfdb39a637087c1c4c055c40b0db772977310a32c6b84b7650cfb3871265ad","sha512":"cc3dc03690c183c48520000c46ec3c203be0a65f538a5e1151367824e66894f7cd759eb80e7c64faddca7e2e7cfe163d16cb724497af628edc2401d92e109d8a","ssdeep":"384:RGR5q7FLLGEyEZEc+85dFYjD2hJKmFb7j6zI92M:+uFAMdFYjD3mhOM","tlshash":"9552cfde7d1401f0e46bc7b16f1c18aaab8de72b92827d4fa8bd40515ef44221de29d1","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.57264Z","times_seen":1037,"resource_available":false,"data":null}},"time_used":571,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":571,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/tokenary.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.773Z","timestamp":1782349533773,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/tokenary.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-12e6\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4838,"size_decoded":4475,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"3fd4369bbf41aa2eb083896e8523baba","sha1":"45d7fec158b7b33ea20a7aaef8443241c52a4a7c","sha256":"9a2afe96a1e23c9792c8e2a17307a3f79943abe4dbe3937f1d40ed3cd9158a24","sha512":"691d6ade2fa8970e3134db3447359f1e7993e7d1e59a4841eccb64363013d4ea39c966b31ae87aceda61b8511068bb9403eef0395a39a22888b198de06726b88","ssdeep":"96:KndUeVZ0u6pdehwApVnJVdkYdXDuFhlG+zn:KnP76pde2ApVnJ0YdXSblZb","tlshash":"f0a14b5e32afe128cc23df35044db16ebe2838b40625eb2c5d7c9591442b52a35ecd1d","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.627404Z","times_seen":829,"resource_available":false,"data":null}},"time_used":563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":563,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=tokenpocket.pro\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.364Z","timestamp":1782349535364,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=tokenpocket.pro\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://tokenpocket.pro\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 336\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":4,"connect":26,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=tangem.com\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.888Z","timestamp":1782349535888,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://tangem.com\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-location: https://tangem.com/apple-touch-icon-precomposed.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 816\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Jun 2026 15:56:50 GMT\r\nexpires: Thu, 25 Jun 2026 15:56:50 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Thu, 21 Dec 2023 01:51:41 GMT\r\ncontent-type: image/png\r\nage: 551325\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":816,"size_decoded":1647,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"186a16ce10f5c5babfa02a6518145662","sha1":"f2d2847421ff6e34c9c0ff0097f29991dd69ea23","sha256":"69213ca952b497e70387042b981f60f091c92b1a3d066adf631636c2455b7efa","sha512":"a537e86b6404734b75c9a65f5d856c6d70d37580183e8554787234f4cb8fcc120f080698dfc8edf8ec14bfbd3996f7bd3b5de47b85700213274e5eb479ba91b2","ssdeep":"","tlshash":"9101ca8df813d8e64c0cd0842c3495283f350dc856c2ed6ff4e2351a04f525c1675c6c","first_seen":"2026-06-25T01:06:10.239065Z","last_seen":"2026-06-25T01:06:10.239065Z","times_seen":1,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/argent.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.756Z","timestamp":1782349533756,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/argent.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-12bf\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4799,"size_decoded":4452,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"ba14456aaa8918f10ec0f0406cfab704","sha1":"821df4dbf546ec0cbf0e0638b3607435d280c6c9","sha256":"2f1cc7a575e26a18f4c7903434a91dcf10761445254808b636567087fc8f5d5e","sha512":"5745593deca450974fad33c7718c292576a1be8bae48fc3b47ddfb2e5fcff58ef1b9c1adef74311b81a3e78e3ae1541a8bbb394a1d88a6c3d6ec5d3075f06cf9","ssdeep":"96:4BHKB7E4zhgPFB0T6N942Y1L34rJ/JTIowjBezyQafsFldb1:wO7bzhy0W94l1LgGowGyQJldJ","tlshash":"eca16d2b35e1db27dc05ef32006301209ba2ce9ebc09af6cdae826484ae91c0cb4d5d4","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.239882Z","times_seen":559,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":578,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/dharma.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.766Z","timestamp":1782349533766,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/dharma.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2449\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9289,"size_decoded":8968,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"2ba13682688e9661fb00bba1532a79b0","sha1":"d4f19a59aa974dc8929cda52640f98d8609b4fd8","sha256":"61a6c2e2f76f17b486ccb727517f45f106325ad7102683d223d3ad984f7b55d5","sha512":"c66f5b0f5171dc9e98473ed22a1e9c541b56f3de437555e138d41f67bf7f8e5d426830fd2de2a4a44b3341e1df5dca83cc89b6578177c096db3f207ec0dd5eb5","ssdeep":"192:P+Kc+tkDKRwgrafW1XZ2hwPkcDLtpMCDVjwb0DVnj5AX8jAS:Dz+8rv1XjLL8CDdwoDVn1AX8j/","tlshash":"6412bfd97ba3b25fc082873f3035b221a4a3d815a5f87bad9a6df0c7ca181b9447d449","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.621339Z","times_seen":753,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=eternl.io\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.552Z","timestamp":1782349535552,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://eternl.io\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://eternl.io/icons/favicon-128x128.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 12033\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 03 Mar 2026 20:23:41 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":12033,"size_decoded":12865,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"913059e0547c3712248416185bb0e839","sha1":"c6dd04fe22a1ecc47f3894b9f574f912361bcd08","sha256":"2f79fc19e85eac4993446bcfdf0bc6730bb70e73f3a481b5c2a30e4c959e6741","sha512":"5596a8f511de22c10090c9a842c6263e4c5ad7028c9be173977d06549aff1bf8d2ad36305388d9eec6545aca769289086b81cc9afcf2dc9e21e4eccebdc07e2b","ssdeep":"192:8CsGtjGA+faR4oh1cADstQbR0zpuKXsgMbqXX0RdXvLzSEK+9qx2PH/Yw6gnXi29:8Boj74ob0QbCFuUshmXX+9LrMYPfPxXL","tlshash":"f942c0a4845600da9dc4e3d064cb8c7fa91f4bac15c9b7fa79370888b975626ed0b123","first_seen":"2026-06-25T01:06:10.241212Z","last_seen":"2026-06-25T01:06:10.241212Z","times_seen":1,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":3,"connect":17,"send":0,"wait":31,"receive":3,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=rabby.io\u0026size=128","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.887Z","timestamp":1782349535887,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://rabby.io\u0026size=128 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-location: https://rabby.io/assets/images/favicon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1411\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 20 Jun 2026 20:07:09 GMT\r\nexpires: Sat, 27 Jun 2026 20:07:09 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Thu, 22 Jul 2021 18:30:27 GMT\r\ncontent-type: image/png\r\nage: 363506\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1411,"size_decoded":2234,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a286de9c632f3caaf5a90434c7167a40","sha1":"ebc97079197b2985343115c10984518922d4d87b","sha256":"3940788f8fd54ab23461fcf2fb15a08fa3be857ba0e6d45f327266d600642a69","sha512":"a770e69e34987538ba85eac493487e63f308c30df184cc9e32d8fddbc23e9cc22ff672cc022de918300ae25d04bacb169d4afef78817aa58e4ef734440eb6430","ssdeep":"","tlshash":"1921e9d0a2e1321c88926506c0b1d6987ff320f8dd6700178c7dca6204beb712387d1b","first_seen":"2026-05-05T10:13:08.043013Z","last_seen":"2026-06-25T01:06:10.242135Z","times_seen":2,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/coinomi.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.771Z","timestamp":1782349533771,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/coinomi.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-4463\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17507,"size_decoded":17406,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"8bec00af795032b272969d8604dea45f","sha1":"6fc98a9dcfd3ed4f6d2f4daf4076aa366b755ea5","sha256":"cee38ba709752168c77e15fa9fbb7fc075d5cf73f06224aadd745b0094364408","sha512":"86866fc18a72436b8eaac6901f600744980a18d02d5061d06836396aa9449fa6b86bb7ccacb041d9996aa75501f628a7f0282fb2acd2cd8324a5deaa5a9d3c2b","ssdeep":"384:MM8i91ZGte7UkcvKKXBOtLXSvdXPL8HPwCYDkYu9Ev1a2Bl8:38i91ZGsbsBOtLXSJz64NQG1aw8","tlshash":"da72c0d1786c0d4445bf9ff48d03e2366a86c2924dc9fd1cae6568a4db04fefd2c6184","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.58992Z","times_seen":735,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=phoenix.acinq.co\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.715Z","timestamp":1782349535715,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://phoenix.acinq.co\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://phoenix.acinq.co/apple-touch-icon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 931\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Thu, 19 Dec 2019 16:08:51 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":931,"size_decoded":1743,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"365819189029bd1843daff12db7fff00","sha1":"2f47226adb1a4a29052fc948e10326c0329c7f9d","sha256":"1965ee8965d2965feb41699c80911b420f4b8ba80681ac35d0f3761a5ebbe10e","sha512":"cd40fd3e3a8898a05a66e300bb54aaae4d34a5158617ac311845b788b8d3cde7c2f083f7837c460cbf054e9a7c4a4abb00d54c48995e6cfb2d20be245fddead2","ssdeep":"","tlshash":"6411bbe7dca6bc23d0cc7571cf190ac565554035d6659b8f9c31901c55c8d35d342bc1","first_seen":"2026-06-25T01:06:10.243852Z","last_seen":"2026-06-25T01:06:10.243852Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/css/css2.css","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:34.361Z","timestamp":1782349534361,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/css/css2.css HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://walletsync.one/static/css/styles.css\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:34 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 26 Feb 2025 11:04:51 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67bef553-7d9d\"\r\nexpires: Thu, 25 Jun 2026 13:05:34 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32157,"size_decoded":2321,"mime_type":"text/css","magic":"ASCII text, with very long lines (1572)","md5":"77a6911755571aedf129a0a6818c0720","sha1":"c0d02d0587cd10779c2347dde133b2bcc7a1c7db","sha256":"9aed8fd358c3c90ba6ae736b5ee603e625603777a7399f31d9a3ffd4a063d52e","sha512":"84360f1473dd64906c60b87b3e7daf1ada323d58e45cc97aa7fb4a9049950534260e4976692a9061e8eabc69c3ce2f18a11258e82925af7537ae732708e31754","ssdeep":"384:Dj5zjij/j/jo4jlqY4ejOjejc5l2RRoslqY4yCyN5UjYYodlqY4XnXe5jUnnoula:Dderz84hLi6AeZvVseyyQc","tlshash":"1de2eb900817100197835ce223cebf76fe5e92017144e1766bfc672badcfda652a93ad","first_seen":"2025-09-11T16:41:43.096037Z","last_seen":"2026-06-25T01:06:10.244722Z","times_seen":4,"resource_available":false,"data":null}},"time_used":498,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":498,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=coinkite.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.329Z","timestamp":1782349535329,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=coinkite.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://coinkite.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 333\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=suiet.app\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.340Z","timestamp":1782349535340,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=suiet.app\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://suiet.app\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=xdefi.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.346Z","timestamp":1782349535346,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=xdefi.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://xdefi.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 329\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/okx-logo.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.749Z","timestamp":1782349533749,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/okx-logo.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1f60\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8032,"size_decoded":5123,"mime_type":"image/png","magic":"PNG image data, 801 x 793, 8-bit/color RGB, non-interlaced","md5":"44f1cda7bf6275afe4b2bb7f3e209021","sha1":"27e72a5a44c71a4be8dae8dd38a5edced9e46cfc","sha256":"26e3ac2cf8c5e7d1d1d5e767c7eaa96fb8564e0b37dac63662cdd8f41a3d10b7","sha512":"3aad13ce98bc8b3a4c581921c75d5101d265c6f17141f50d0bd96298ffbd584f6020ce4ac6f9315239a0f5a5b3c705005be81791f32f2a858b617f94cc8ceefc","ssdeep":"96:8FcuabeFnxxK1na9olg/BQRgn7jHmM75hV2Dz3kH1RZOcEJweNEgEhR:UcLbgUa9oCKRguM7N1DOcESeNEg6","tlshash":"14f1a687a75a046f800dcb5f7a207f9432ac6f792a53ec58fdee6b0457ed4b06d1060a","first_seen":"2024-12-24T01:05:45.437709Z","last_seen":"2026-06-25T01:06:10.245487Z","times_seen":18,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":584,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/flare_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.796Z","timestamp":1782349533796,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/flare_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1a0b\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6667,"size_decoded":6291,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"8628295c6cfcbe2c37bab42b69ee414e","sha1":"2f24dea38389734f56eda191707ad6c62a026f8e","sha256":"6fa0b252dce3014cae4d9043162c934d76492b2b76ae283877aafc411d939c5c","sha512":"078430e084c9b4752963d6374ba226804f2d5838c59c8bf9872f3badd78915db3f6fd346df918a9c3351b5ca1c6df1b9512202757d6ca7169c4d61a0191c307a","ssdeep":"96:bRRqBqQCV+nbwKSpMi7Ho5HBvRXTJnTVssyDHwfm54WztuTgMwmQOCXxHBCO7c:b+LrTSzH4HBvRs5QfmjB5mvCBF7c","tlshash":"c1d19eff37982211d098f9324a48649a3f33032c519133ec2063612f6e6bc1c4a84f9d","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-27T05:19:56.374013Z","times_seen":602,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":545,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/gnosis-safe.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.847Z","timestamp":1782349533847,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/gnosis-safe.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1dc0\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7616,"size_decoded":7013,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"1f663d3c5f03aa83c9376c86372e7cd3","sha1":"0ed1a0fcaa19b904492a0a11a0c11f8f1653def7","sha256":"2089a0f960f82107c401f2889daad6620de4fd4e4bdc01295bbb2350953723bc","sha512":"f868c173267b230d854249fdb0cc4ef0a0e821e775f48a2e7a408ba4b39e13629f63b96a9e0c0eb78d161f9b38d30b68d1919bae7f1257746a588ac56eb3ba2d","ssdeep":"192:cjUBhceOZWCSNEYb9RaRuI+b+97TJKcZry:cjQmWCSGW9k1+cRKcs","tlshash":"88f19e8bf9d7284ae294f53b1c261891575314b1dc3548ef3acb1ba79a2e025fa99c04","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.248232Z","times_seen":394,"resource_available":false,"data":null}},"time_used":496,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":496,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=safe.global\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.333Z","timestamp":1782349535333,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=safe.global\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://safe.global\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 332\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=tronlink.org\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.008Z","timestamp":1782349536008,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://tronlink.org\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://tronlink.org/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2166\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 08 Dec 2025 13:54:23 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2166,"size_decoded":2966,"mime_type":"image/png","magic":"PNG image data, 93 x 93, 8-bit/color RGBA, non-interlaced","md5":"f5d29f01cb31a925da06e558395c49d9","sha1":"4465fde99140c06902f6103f1b5d2d7568d33b86","sha256":"a61846751234cd8d031ae895c992c5c000a58c24daa85e1873719574abbd3a32","sha512":"c288dc2531fa490404a2b955df2c9b49a2dbfce0f86e128e9ef6367fbfe5d64ec5307d41dc9872d7268a8e526bfa4e0d2656b9567d0bc1837035b92ac728cbd0","ssdeep":"","tlshash":"1741096578c8fc49c3684d463c41ddf2fc085214b658ebf9e3656118bd8059a22aa887","first_seen":"2026-06-25T01:06:10.248765Z","last_seen":"2026-06-25T01:06:10.248765Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/blade.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.744Z","timestamp":1782349533744,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/blade.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-149b\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5275,"size_decoded":4078,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"e03199ea9c63cdfef569e146f18194df","sha1":"05fcf798a318683ade49ed6c1aa7d7e0eb2c882f","sha256":"126cb2fcc48a03e3fa76bf3c8f00c07dddfc48ae815fdd568874393303fa9e15","sha512":"b715c1f20025945dcfa14a587de871fd9ccb4235e1a0f7d66bd669cef47255dccca4f4ff71b43bdf70f5ae7caba7282fa6be1a884d98241d66855bc23efa7cd9","ssdeep":"96:nS4l5YULFN2IX9J8E0wRKO4h1xwNI6R2lK1pFCTiU55QGE1Lar:nSrw4IgEFKO4hXwy6R2lKvl+Qsr","tlshash":"dab18ac0a5144990a5faef5fafb628c5507081d2425bc6f76dccd33c07daa589c9ef21","first_seen":"2024-04-30T18:55:15Z","last_seen":"2026-06-25T01:06:10.260784Z","times_seen":47,"resource_available":false,"data":null}},"time_used":589,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":589,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/zelcore.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.830Z","timestamp":1782349533830,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/zelcore.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-295c\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10588,"size_decoded":10063,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"6a4044028d98d908bc4d3f2e76b61fed","sha1":"c2370c24e4646179560da04606cc6447ad01b393","sha256":"ccd37abc2fca779dc434b5b90e17e82676602a751911af95bb1cdb4f9efb16ba","sha512":"f3e56fb8aac2553749de6bc68a41283e0816ac4f8c12d3589498c6cb1b6e5d7bd98ff594f3839d3666329c7d903a01826f2b6b07f4080519e08f2d1311a4d37e","ssdeep":"192:TykOOAwKG1FF7oLTLDNoMfvCTqDvGucJ6nBKmvvdK46nRmLvh3WitLb5Jz:Ok3nFF7ah1fHuuxnBKmsBEHJz","tlshash":"4622cf923f4078a5d9e3c3ffe1ea5249ba97bd223e50496e36380cd68138e5d024e746","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.263279Z","times_seen":513,"resource_available":false,"data":null}},"time_used":513,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":513,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/font/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBHMdazQ.woff2","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:34.976Z","timestamp":1782349534976,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/font/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBHMdazQ.woff2 HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://walletsync.one/static/css/css2.css\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 34668\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\netag: \"67becf1d-876c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34668,"size_decoded":34940,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 34668, version 1.0","md5":"4746809ed1c17447d45d2a96c64796d4","sha1":"300a3511100a2ea1fbf43bf329855e17da1f4532","sha256":"8139a402ce239285716452e5668bce94bbf240b433fcfa2e154aa7e4d240445b","sha512":"28c2ae34437a02c99282a2e0cf8c3de11bfa07b55835068c82578dac1947dd3a74ab904cfdae0ce1d14767d601884c2e8f577025f647cae4a06c8dee220cbb61","ssdeep":"768:btpz8R5UTJqgQ3XvFF1LTbda57GqOWBR+LEPP:Jpzk5qepLTbda571v0EPP","tlshash":"35f2e1816c1c7085da4951f9cda50bcd46ee86f98d3f6d2118613a38e6c802f47f97be","first_seen":"2025-01-09T20:17:59.500754Z","last_seen":"2026-06-30T05:09:10.257764Z","times_seen":23928,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/fantom.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.743Z","timestamp":1782349533743,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/fantom.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-6264\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25188,"size_decoded":23273,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"8a4756b8cbd8f968e082bdc2f8289f26","sha1":"06fdf5333997e0d07a8cff36684334e024748b6e","sha256":"cb6d2d7a0ef8c4982195f42c9e9c8f349e39f2580932b86a062f03ca1066ac50","sha512":"361669d6d3f52c2299e81a7f82b440d34f33e0cd02ea8ce714714b95204c25177c0def31ef8f04d1651b75c21fba86a19899500a180fcf5f05d5b3e4d782c3c7","ssdeep":"384:PwRureUaFUhHdqHQ3Lg45mZXkP2ZPLhpw1WKyXpKNLWdxhDWRUhoI6t91E:4RnUgUFkEg45ue2ZPLLw1WKBiG8fk91E","tlshash":"ceb2e0a752f4eccd3fa899937f09e02ff18915fa07ed4c059260b90fd088d3555a4d96","first_seen":"2024-01-08T00:36:04Z","last_seen":"2026-06-27T05:19:56.376932Z","times_seen":81,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":590,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/swift.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.811Z","timestamp":1782349533811,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/swift.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-10b6\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4278,"size_decoded":4489,"mime_type":"image/png","magic":"PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced","md5":"718b36878148b03b8927a890615c89b9","sha1":"2119b627c696ae4a612a1191a2b575f2240c4d34","sha256":"cae62e4a656a7b791c425ee244bfbc9ed2b3de6a4afcd0b50821bfaf19eba427","sha512":"07be7141c66ca984f8c4bbefe2b28e1c9071912436bd9a04ff244777d9924bbf0ed28509c23ddd932fc82168b4fafd74f39a1e8adb03028cfc230270b9c68025","ssdeep":"96:a5aYq6ADJ45pfp2xDnsSjlg5YBueSq0tRB96kDnjO5SN:a5aYqfCpOBWYBZSdt7gE","tlshash":"05914c0bcae977dd4f08f8f9d52d4632ac752ff0186f0d4276291e0e99d306887b1a90","first_seen":"2023-06-13T13:09:47Z","last_seen":"2026-06-27T05:19:56.355202Z","times_seen":154,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":531,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=walletofsatoshi.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.353Z","timestamp":1782349535353,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=walletofsatoshi.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://walletofsatoshi.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 340\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=templewallet.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.356Z","timestamp":1782349535356,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=templewallet.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://templewallet.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 337\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=templewallet.com\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.711Z","timestamp":1782349535711,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://templewallet.com\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://cdn.prod.website-files.com/650900ffe9db068e47c2b612/66d873b1b7480b2b0fa1607c_TKEY_Logo(2).png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2114\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 26 Nov 2024 07:20:52 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2114,"size_decoded":2983,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"78c33d2c1b457ecd7395a492ef05ab74","sha1":"5e5ddcbeddcaeacc09fb3afe450f2cfeee8e3dd6","sha256":"186dc501450944ec7cb58b31cd874dbe1aa04670b9b24898b43fd442994603ec","sha512":"7512f7f1be7391372e9c7295dc080a29defef31156732231e70919cee8ac54faac54b0223f1f02c2f825a32d11213a4bce6471a6734f9b86613dc4efe4797898","ssdeep":"","tlshash":"9a414cea3421b87c5a311fbc02f717bf7203a50c1a948a0376cd967a135074cc0632a3","first_seen":"2026-06-25T01:06:10.273213Z","last_seen":"2026-06-25T01:06:10.273213Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/css/bootstrap.min.css","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.680Z","timestamp":1782349533680,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/css/bootstrap.min.css HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 23 Apr 2026 16:09:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ea4457-38aaf\"\r\nexpires: Thu, 25 Jun 2026 13:05:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":232111,"size_decoded":32186,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"1b1cb0e2be9a21f091a87691f20c6300","sha1":"7575987f70ee5c91f6a0e771b38c6507e457ab61","sha256":"d85327d99c7a3ee1f9b5d0500d1370acea3ad2db39c163c2f51f232baedbdede","sha512":"d9b0500a3727c3ae7c2e1a389e55c971ce96915fd4c6913fb00a246d73f140d1aa98d750ad6aadc36e8db3d90517fc86efdda9291d52c7cfd8d4b7f55cde0628","ssdeep":"1536:i9NnXGi9GfJkfvq5wlP7cQZDR9uRV982sYRElV6V6pz600I41r:EnXp9GfVV98II6V6pz600I41r","tlshash":"123482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2025-09-04T15:51:36.002152Z","last_seen":"2026-06-30T05:23:26.007655Z","times_seen":3734,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/hashkey_me.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.794Z","timestamp":1782349533794,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/hashkey_me.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-258e\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9614,"size_decoded":9619,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"df8b9be6ab001c952141bcc0d2dd3a18","sha1":"dcdb9772083c0f2d339681a1585df3cbcdf95aab","sha256":"cad836e38abd3a18bc965f97dea766e39ada552a301ed8144c8516101ddfd0a0","sha512":"3de4d38b6e0380bc30b7eef8d726ef66b8c16df84385b6378aec1bed7f718398f9a497a101a210048096e463288de8c75cedb8506277b18b1e71de6b5efc0e22","ssdeep":"192:vI/kesMj3sdYv3Yj/TVlMF+kAehO27g8qh5cF13ZVxLD9qXV7X:wYWsGYD3M4kAehbe5cF13ZVxLDgN","tlshash":"3512cf67b81ec900e795c6f4894208e9cb20df16d6ddb54f93bb435a33502283c7807a","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.571616Z","times_seen":718,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/mewwallet.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.835Z","timestamp":1782349533835,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/mewwallet.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-3d21\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15649,"size_decoded":15713,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"6ac4d31e90b7a0df536ec84655261ceb","sha1":"68f8e7ad217fd33fbad1a7e200fc937d9e35f457","sha256":"2e868eec92fdc3c15c25f523b0d24bb9a2a52999ef88ce83edb3a469a4b16393","sha512":"4d4bad85c87f519f9fd219f26a80e94014966fd8ff9676ac56991ee233d8d772e4f559a09ff5ef1618036d208baba28b530e2780446373f4bde7a78f5afbd610","ssdeep":"384:WOZ/i5fbvsLM4dy50xa57G8vtbVSq/W8e6HTLqVn2DSDogg:WiSoLTIOxa5Pko9DWc","tlshash":"f662d0fbef4616ffc3fcd479781998a09d000b1fd38f039ac14a811735604e494aa6d6","first_seen":"2024-12-24T01:05:45.532475Z","last_seen":"2026-06-25T01:06:10.280812Z","times_seen":14,"resource_available":false,"data":null}},"time_used":498,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":498,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/compound.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.759Z","timestamp":1782349533759,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/compound.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1181\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4481,"size_decoded":4674,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3","md5":"23ff239ad1d464afc2ad1dbb20868b4b","sha1":"678a65bca79857f84e9e57f5d026c8d82c46f043","sha256":"3d123029f25bd3d57d65da1e43dad34fecbfa434200be816cff84d8fb8cd392f","sha512":"b6fe985b76dac6dbd179b0a810a9768e93774270296d32cd594cd4399eab4ea4941a3de89e54c37257e74902fdc566203957e18b170595547e756a1f83fcc9a7","ssdeep":"96:sbTEzfVbc1rEe020Ho9p9rJ7LG0lvrU7XsB82jWCIk7Rq:aEzfK14e0qnlJdlvrUbs+Aw","tlshash":"f6916da22ff02452d6b27d3884b70f0e18fb275785fe8e11d39ad559e36e61c0c0d685","first_seen":"2023-05-18T08:37:01Z","last_seen":"2026-06-25T01:06:10.283611Z","times_seen":197,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/iotex.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.761Z","timestamp":1782349533761,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/iotex.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-a618\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42520,"size_decoded":42459,"mime_type":"image/jpeg","magic":"PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced","md5":"3fe53678156109a5573577b455372e2f","sha1":"0c3770a0a4de09890bdb9f96c145a310969e55c8","sha256":"a401620f0e23dd13672366ef07827f8a40f5152b32d90251c0dedef15673260a","sha512":"da332d689f1c6e501ad94722c9ac3becaf1b264ee914d792e78a16d4c706051cde0dd40f5eb8ee32466bb9835a2d1dafd871943605ca41110b4fb9aa074d665a","ssdeep":"768:fpOnNNHXw6Ot9XPxw7De9zFp3HtsB9QAwVsmVcClQTJ3Z/W/jtUv022k6hP3zcmu:fpKw6ObXPxw7kp3U9zwVAClSnertYr6y","tlshash":"4613f2d689bc8346e2f9f2e71b9f0f6654354f701b53052726202cabe5da4d01a8d8ed","first_seen":"2023-05-04T02:59:55Z","last_seen":"2026-06-25T01:06:10.284473Z","times_seen":327,"resource_available":false,"data":null}},"time_used":574,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":574,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=pontem.network\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.561Z","timestamp":1782349535561,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://pontem.network\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://cdn.prod.website-files.com/60536b901b879c2f395d75d0/60536b911b879c25ed5d75f9_Frame%2057.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2122\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Fri, 29 Jan 2021 16:14:34 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2122,"size_decoded":3009,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"8810632dd25c9ec172be12af3a83a5d3","sha1":"7ac211cd5a8595c8986441b630c3877e487f4ae4","sha256":"f5dd7f937a39ab7db3eb8d6eb94a27dbe37af3f5d4a4478dde45640191e426df","sha512":"f558b23cb0244dd114930543acaa9ff765089dbec4dc6e59817cd320e324168091107fa6cc7d544a3bf16877c93474ddbd5478a7df10de7c677f5f05448804d1","ssdeep":"","tlshash":"09411a88e77c3e0981b37671d120037281010b5c16bc7ad4d25a886848efa5cb7199f7","first_seen":"2026-06-25T01:06:10.287785Z","last_seen":"2026-06-25T01:06:10.287785Z","times_seen":1,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":16,"send":0,"wait":27,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=keyst.one\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.380Z","timestamp":1782349536380,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://keyst.one\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://keyst.one/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1153\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 14 Nov 2023 03:42:50 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1153,"size_decoded":1950,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"dd07596b2859b7b65601618da021019f","sha1":"43142ae473a34dda4ea1d067e972460ea7c4c072","sha256":"e6a81982d3fb121d947d268c8da7518eada5fcdc8339de4dc089b5b884a63394","sha512":"15711b85f23662b28b2aa7bcbf9ec94c5fe1d55f9438aa988d347ba0bdc03152414fe390c342fd89cafc2872df47bbdfb855f2a7351091716284477296023ea7","ssdeep":"","tlshash":"7e21c67294c55cdfd07c523a806326e8afdf2504533032a2dc3973a7803a6e0e48d19f","first_seen":"2026-06-25T01:06:10.290159Z","last_seen":"2026-06-25T01:06:10.290159Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/vision.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.809Z","timestamp":1782349533809,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/vision.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-378f\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14223,"size_decoded":14064,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"7a3f8604d0180dce60d9116ef41bda25","sha1":"ba358d85cab3fdf2838ef6268cc173977cf9b9ec","sha256":"5926a4242b7d02774774b2ff085188fb310605768226c32976c26cd280c6feb1","sha512":"5326355fb82169a9904158f6b848d2ab44c905d85b98d2e1d005e60de5abe587899e0d56867c8cf3bce60f984510c8881517e7158d95fe67eebb0ab4d5b07d81","ssdeep":"192:qOZhvU+VbjZXgPzCsIovrzwMMgdNdubQw34/D0CEaAipN6U3UGuKV:qOZVTjQnnr0MPBA3QDDEaFpkmbuQ","tlshash":"a652bf17bd0be107b247d93a4715305873261a0418466aaf5ca42dfff16d0ddaec7931","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.664799Z","times_seen":608,"resource_available":false,"data":null}},"time_used":533,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":533,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/xaman.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.832Z","timestamp":1782349533832,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/xaman.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1b55\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6997,"size_decoded":7314,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 204x192, components 3","md5":"d5d43344a0443669bd7c81891ee79dbb","sha1":"7fc883440ffd648109ad215e7ffc1aeaed29f0a4","sha256":"2bb69c293a1c0dc3e1c968b9b247fa1c1bfb0bc980118919c3ffc45d3c75a7f7","sha512":"4f82f1d01728b13e9eff544eb5d34cd81d0dd24c92af3bd465b15934d55179bb2867c463a1dfd0e0e60c56e1fd43f1ba5ac090da2af00f523f342669a109ca56","ssdeep":"96:NECYUvywbLObembYDYYABhOutKIO/Vbxg1mGFDWkaSasRr7vfUMFgGR1QWu1ZGY:NEDaywebembYc9OutKIehqmARPUG4GY","tlshash":"60e18d716a185b36bdb826ffca0f7d651109c80ae4d05b98c1b8b1f2a5ec9d248b01e1","first_seen":"2024-12-24T01:05:45.528974Z","last_seen":"2026-06-25T01:06:10.292646Z","times_seen":17,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":511,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/best_wallet.svg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.729Z","timestamp":1782349533729,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/best_wallet.svg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-bc7\"\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3015,"size_decoded":1526,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7906b0879a7b0356d1d047c73afcbd43","sha1":"025695cc05323a1c0571425e6d971472d335ed3d","sha256":"756badaaa72504db2fb1621dd52b26ff6ed8ea8d15c540059c4bf4498f8f58f2","sha512":"09c58359cc7ccfcd075be5daf6fb8f4d580755cefaa177b5c8fac39dd83bc47081109946c91d8a3f7be170cd3e7c485797b36c97b294f418ab1e59ec100f6231","ssdeep":"","tlshash":"4d51726af35baab9fa0cc7bc8259183631461bf67243c0a2d2c9ae0d94208dd1d1cdd7","first_seen":"2025-04-26T11:11:47.02978Z","last_seen":"2026-06-25T01:06:10.294474Z","times_seen":6,"resource_available":false,"data":null}},"time_used":602,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":602,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/pillar.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.834Z","timestamp":1782349533834,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/pillar.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-f72\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3954,"size_decoded":3059,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"56303a528c3576d6b1b01eec7f9b7935","sha1":"72114fcd129d3b209fc9cd26c3e3cff285eb4440","sha256":"83aa1951815cf7cf6c2e10ea5d3e9e0f7e4937a34e36a355518c71ed65f8632d","sha512":"1ded0fe7cf95bcdab79f5eaa0f8b753f27a3b3add16390ff9a995f8287e167b56c6e88b13f6ed85bc375407d04c133d6f591454806385f9afa1d0dea9c44caf5","ssdeep":"","tlshash":"e6812a5e794367d2d5fbc975e1112cb2b9aae73b703c028f506e1271bca29d43d1b284","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.295954Z","times_seen":518,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":509,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/electrum.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.735Z","timestamp":1782349533735,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/electrum.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2a932\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":174386,"size_decoded":173505,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"86b79dfcb64de8ddffdaf1bed393c9a6","sha1":"c78609ffb571ba419ca1d869bd03ce8a3834b03b","sha256":"9e68b49c2aa7e6fbf7f456ce20b18ba98d6f85a0161da240901d4a7dba464cbd","sha512":"b7cd296707fee4b4c3a21989ac613d3994a2e60934372a22b903c0fe9e585cb1940f78dd8d4b93d2cc56bab5f38908193e18bfa00514c1381b0dc9e4dc84bbb0","ssdeep":"3072:m4EU4nvqLgn2cQtfeafQuJt5ioqmfdXV11gMdHtTeu:Mvqk2T/Jt5ioLf1V11gMJ8u","tlshash":"e004123932728655cc30a6e50cc2cfddee679b1552f3a2937740cfe8988e263e55a342","first_seen":"2023-07-16T13:22:02Z","last_seen":"2026-06-25T01:06:10.297204Z","times_seen":30,"resource_available":false,"data":null}},"time_used":597,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/alice.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.827Z","timestamp":1782349533827,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/alice.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-14f6\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5366,"size_decoded":4898,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"8bc5a913dbf1c2654291e7c8dd79fcef","sha1":"fbab256c104e7bbd79e6091aab66569f305d9a0e","sha256":"738d8ca9ed27d8046f72f47ea4125316906730fa2013853f0dcbb72b60215e00","sha512":"c38eae7325fb911acf3fc66b2ca20956506c16a9101ec5c0c0de2d82c3a9738d4bb4ad341435a0209ccd74af0e8661315778c0fb8d9e47f4a2e919da17f4b01b","ssdeep":"96:rYxOccIo7qILIWLcByAeyn3oc7WHXEHFHBajvuYlXGPa12VHdlpCRtZg:8xiN9Geyp7WKJ4jvvGPVC7Zg","tlshash":"54b18eda3980976af636c5f85cfa59771af583ccdc6fe38d50d328843aac10319912d1","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.298886Z","times_seen":497,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=keyst.one\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.327Z","timestamp":1782349535327,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=keyst.one\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://keyst.one\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=pontem.network\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.340Z","timestamp":1782349535340,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=pontem.network\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://pontem.network\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 335\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/alphawallet.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.828Z","timestamp":1782349533828,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/alphawallet.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1f53\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8019,"size_decoded":7388,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"1d752067fd0a03d24ff63d31564698d5","sha1":"77af8c998069936dab91443300789a942b6ec9b8","sha256":"55b2c6cea21efbc330f23f354de2d1938b30baed8591159a5c34290904b153ba","sha512":"eab48aa86dbe5fe23cc5c5c79aeb016a4ccf5a9e354dbee87f689a78d93bd81f8f96d92f62a7deb338752a51da5ac108b96858c6e32605655726881a85f9389f","ssdeep":"192:tYkcnsCHrMum1Xy0gj+zjglYFmknq8EQ5m2:IDrDlzjJ6L","tlshash":"96f19ea0beb19c98dc46e47dcf5ea46ec9241110fe37829deeae57004b39120aec3659","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.300345Z","times_seen":398,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/app.html","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-25T01:05:32.742Z","timestamp":1782349532742,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /app.html HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 10 May 2026 07:32:03 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a003473-13770\"\r\nset-cookie: server_name_session=267f4129cc7a480570513e1e76747a99; Max-Age=86400; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":79728,"size_decoded":12375,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"1ff182f8ef173d9aec0c10dfbfcbb456","sha1":"694139679ff63d207544eb0c004dd4c236766bed","sha256":"9228e6f986ec0b3396aa76e62bdbd440eff17873778db1b03a0d3dbe9fe723b3","sha512":"94e2a5f3471a32d3ce215bdb81a6d2e47144d637647e5c4b5e4aca356df6d7ad7470ad15fcd8b3ae0bcd869e7561777f2389cae50e3f387723edd2e2f8818c31","ssdeep":"768:TJtmMXaeBp8PjO/G8H3FtpwjNhJJFBpR/GwkDcGhRP113b:TJtmKdp8PQGyhRjb","tlshash":"ec73102065f6673314b3f6a46a921bed7ee0a5038d2b8951bfec0bd15f93c4acd63508","first_seen":"2026-06-25T01:06:10.301052Z","last_seen":"2026-06-25T01:06:10.301052Z","times_seen":1,"resource_available":true,"data":null}},"time_used":500,"timings":{"blocked":-1,"dns":4,"connect":161,"send":0,"wait":164,"receive":0,"ssl":171},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/coinus.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.787Z","timestamp":1782349533787,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/coinus.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-20c5\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8389,"size_decoded":7357,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"4ec234cc3ea40eab22fbd7e160135d21","sha1":"206403657d09a02e55080f12a395e80d3b5d8654","sha256":"e4618b1223a9b7e381764e878b7c650099381850d73b8af78416a275ac636679","sha512":"2bcc58a7e43c207bc5fb745ddefd738e7b5e9091373be180dcdfa8594c37c30a94cec1e73bbdac1de133d638df33dcd3c53a433c454035301748157105543d3a","ssdeep":"192:+jpvYISMCbKbVJpB+rAUWFlsBw3QJ9AvfOlZwNTHz:+x1ShbKbVJpB+r/WFls3ivWZcz","tlshash":"41027e5af7eb53a5d47df131881680347e1a0e203970b41f96d03b5a62b43fa1cbb9b2","first_seen":"2023-05-09T01:47:42Z","last_seen":"2026-06-25T01:06:10.302079Z","times_seen":235,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":550,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/cosmos.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.745Z","timestamp":1782349533745,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/cosmos.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1738\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5944,"size_decoded":6311,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit colormap, non-interlaced","md5":"9b46652f2c622a06f9cd51ffdcd3f48e","sha1":"5d05166f01b6c8bd2366532a533f78da490b80d6","sha256":"dc5c2d0bd18ed4f4def21b6459f4eff45c04991c7662d05a72399fe655f71b44","sha512":"593a181b35010808953b94274782825750726bc0082c2aba453a6d1a29bd82551ebeb8d88fceefc4ad60a3c5b83b23d67c0942b6ded3ea4db95146c3c2e1f732","ssdeep":"96:sRHEgDj+rDipCok4znZlT8mczho09vkkIPrF/pXDsLL/VtiSB0oVqWf7f:sBEBrDip8ITTJcJ9RAplMiSaoVzz","tlshash":"e9c19e9c1f1d066e8c8a08545fdd9635a5c0227ecfc988e66ba88502656ce6ff385884","first_seen":"2023-04-24T06:58:20Z","last_seen":"2026-06-25T01:06:10.302676Z","times_seen":200,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/rwallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.794Z","timestamp":1782349533794,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/rwallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-26b5\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9909,"size_decoded":9479,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"334d2db9a560f966534d8a297cfbca74","sha1":"1107fab8ea68030a2de08516e28ba185d37445b1","sha256":"35cb4eb66e9b789c8ed54c150fae469d2844703d18288a0e50a7e1375ef863b8","sha512":"68a65ec29f090634649d6fe3abf6239aed2a8d5e745718dec73759d3fbd9974190e8af8d737bfecda84f315608ef1d05862a0336b47403f19dffcd921c9277a2","ssdeep":"192:hLA5D9p7cIfWdYnvYSm7JVFXFdgo6TYZkGX8NMT8vDqVXyY3g3xgUnF7s:hLA5RpfKYnvYSmNVFXFdgLTYZkZMTm2v","tlshash":"88129e583181800cdd0fe737c4881c2ab6ae8c726b0db9cd0695c2daa0774bbef43876","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-27T05:19:56.450965Z","times_seen":693,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/ownbit.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.818Z","timestamp":1782349533818,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/ownbit.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-26e7\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9959,"size_decoded":9803,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"541bb2e5e029df0653025ebe623f30d2","sha1":"651cc837b8f896bf73a4306e1b0151ed077c622b","sha256":"0773eeb40c38eca3d0c636bccb0bae0ab94f213fe0b76bc29c0eb5eab1792e8e","sha512":"0eccdfa002330242cdd0aaaed51f889bff918d0adc1715bfcc0e585010df50d25c62243391c4c336e92e050e989413c8241f31db3b317d65768fdfc19bf3fae3","ssdeep":"192:Us89TlzqT/hd/jo83HbbRz9JluVGfr9q2ZBbJxIxeSda:Us8PGT/z/j53PR57uV8q6JOeSda","tlshash":"07229e4f3a39660cc931e87d189f147f34961fad498246ac6433c7d2e85a0ea8985a1e","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.305401Z","times_seen":664,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":524,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/equal.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.825Z","timestamp":1782349533825,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/equal.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-23be\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9150,"size_decoded":8737,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x350, components 3","md5":"afd575051825f392b4d9307de977a301","sha1":"c727fbb2f1fd7f6007903184631243db95e8d1c9","sha256":"b88d43944126f8ff60a4bf3e118326a45ce1e5ff089e70d15433e915f182da2e","sha512":"5d185fdc6cb4378d6986ab78f6628746d137abaae99e4b70a90bfce2f4b58676cf681772dba250d033cdae1ae0918583d5e5db8f3e35d57237c72c6d5b23ea43","ssdeep":"192:+ww+Dvt9GpY/9hhcc6s3hBF71/iPZGY5iOpTubuL8F:+wppmUhhcjQZwZZXpubuL8F","tlshash":"87128d077f0aa144e40d1b71eded4b28d66b9e214e96b367f6210e022bde0f111d03da","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-27T05:19:56.35233Z","times_seen":452,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=ngrave.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.331Z","timestamp":1782349535331,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=ngrave.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://ngrave.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=suiwallet.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.360Z","timestamp":1782349535360,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=suiwallet.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://suiwallet.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=bluewallet.io\u0026size=128","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.011Z","timestamp":1782349536011,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://bluewallet.io\u0026size=128 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-location: https://bluewallet.io/uploads/favicon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 649\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Jun 2026 08:50:36 GMT\r\nexpires: Mon, 29 Jun 2026 08:50:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 02 Jul 2018 18:33:05 GMT\r\ncontent-type: image/png\r\nage: 231300\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":649,"size_decoded":1470,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"de947055cefde7402ce763e2256d646a","sha1":"8351de3a887c77d24c225897d75ce5df64225acd","sha256":"229b66f927ad73611be46faa9f8d8fc5205cfb188ceea713258aae1b38b70f5c","sha512":"14363e5eaa412de08679f17488f1ddd686005087bc9ad79a6b28e2d51b60d0372183e5c15b73a51c4f058d7c728a4ae6b6b73a3ec52281677f890cc67a6ed3d0","ssdeep":"","tlshash":"8af023a9a7e4f865cdd15307a8128125849b7b025e6cf31905c122c683560d690acda1","first_seen":"2026-06-25T01:06:10.307288Z","last_seen":"2026-06-25T01:06:10.307288Z","times_seen":1,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/js/jquery.min.js","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.683Z","timestamp":1782349533683,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/js/jquery.min.js HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 23 Apr 2026 16:12:41 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ea44f9-1339c\"\r\nexpires: Thu, 25 Jun 2026 13:05:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78748,"size_decoded":28146,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"a8e7cabd4d49dfaf0146678ee147dfc5","sha1":"b19b077cdc2cf89c66a644f0305ef4959f8472bc","sha256":"39a546ea9ad97f8bfaf5d3e0e8f8556adb415e470e59007ada9759dce472adaa","sha512":"f0b10d35b5e6cc8fc66e3f8ec179aa47a57841a500c34fe9a2b3f3cb5f9d42826a0b424f1de756a1ed030ce4cbdae1c0e575c9c88b0fb623071fcea95656b2e8","ssdeep":"1536:QmGY6OI1mwxklLhClYsosYKq8s1PS0dakYBF0fIZ5+ONtQCcq6RXu:Hgm1ClYsosU88PDf4wyN6RXu","tlshash":"d87309ddb2c6b06247a760b9407f950bf236194d384d8910f229e4e9bc74a4e827bf7d","first_seen":"2026-01-22T11:09:04.33239Z","last_seen":"2026-06-30T06:57:04.677346Z","times_seen":3688,"resource_available":true,"data":null}},"time_used":488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/hash.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.740Z","timestamp":1782349533740,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/hash.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-d80\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3456,"size_decoded":3769,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 166x166, components 3","md5":"e067d29462ce8093f369cf24a2cdf2f9","sha1":"6ae74b3c7f261601d408cffa64988d7c467bfb03","sha256":"994aa520ef9778d6ad674ad9454b58826e84446f5bf2307b49d015b368cd2246","sha512":"3c5490132608d49804a6a907f9ab8d16488dd9e22088fedfe2a69ee09bf928401e6548c855eff1dbe0baee7acb69625a5f69a9c0a687ede49e58816e201c1377","ssdeep":"","tlshash":"54616c6390d1cb35f635b37c2a28133d32e54565da906f531852071066dd8baf8fa32c","first_seen":"2024-04-30T18:55:15Z","last_seen":"2026-06-27T10:02:40.574398Z","times_seen":102,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/huobi.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.757Z","timestamp":1782349533757,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/huobi.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1fe3\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8163,"size_decoded":8385,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"8889adc3b016ba70946e7f291c6828b2","sha1":"0181da136b5229d07374501217be5d7e3faadf15","sha256":"e52893600547ae340a528bfa7400e5b94536e5153f66a2f966898a3a441ced47","sha512":"bb3c28d2d8f99edf068d9494329fc119bd15b20688980f6ff44d6a39122b65e195a7002a5c7f41f8e491619ea16921bddaa87f0360b4c77fc36e540d83142d48","ssdeep":"192:FBJsqB5Ib6H408BAthFUg34I/mzvePO9SxfmY4GUJxK:FBJsqbYbBtg3jdu1HK","tlshash":"b0f1ae3e7ba4bf02d156fd304eb193aef53d006ab725732e905450b651b613e604fe98","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-27T10:15:41.408629Z","times_seen":644,"resource_available":false,"data":null}},"time_used":577,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":577,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=zengo.com\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.444Z","timestamp":1782349535444,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://zengo.com\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-location: https://zengo.com/wp-content/uploads/android-chrome-512x512-2-150x150.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1188\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Jun 2026 08:24:35 GMT\r\nexpires: Tue, 30 Jun 2026 08:24:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sun, 24 Sep 2023 15:31:17 GMT\r\ncontent-type: image/png\r\nage: 146460\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1188,"size_decoded":2062,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"d0a901f2e3a48f30aab4efd141aaea75","sha1":"74a792838860a9328231d514d3a90dc03b21fbf2","sha256":"170c9906402fb0aba9e3632343eb2ed3b9574cef615b0ba579d7084034cad554","sha512":"cdedcf58170620837c8f6a85f8821eb9fe097fd55d26ee4c72ce90d3d16912b4524ce6b6e43e361c533a203c560de452d9a3e4e1b202cad0054e958535c00bc5","ssdeep":"","tlshash":"6421d7eb601418b1407d34b35a0e2218dee2e7e4a54eed393d95a318153e030b75cf19","first_seen":"2026-06-25T01:06:10.310413Z","last_seen":"2026-06-25T01:06:10.310413Z","times_seen":1,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":0,"dns":3,"connect":15,"send":0,"wait":16,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=leapwallet.io\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.882Z","timestamp":1782349535882,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://leapwallet.io\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://framerusercontent.com/images/7LvxXHRJU7jvz7kOO1DaSBC5UY.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1641\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 14 May 2024 14:55:08 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1641,"size_decoded":2476,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"84f45d62bff0676183ea8bd389abdf93","sha1":"023bc91f63b246335b4e87e6703655d08e87f85b","sha256":"a50e9a09890775019b8845e993399b1dcadb45af19c65e24f8ba702f036ab427","sha512":"6d7762ef32d75a17a55f5bf929761fbc56d341afec0d10da8d2d67da5f12cd60df1fbfc51498b9cb76c052b68c4bc08f0631ef8664c1792f4b80166f8f7496ec","ssdeep":"","tlshash":"ab313a61237f2d29cf1141c5bf877430c33ad12baa26d94131a738f1096daa495e27d3","first_seen":"2026-06-25T01:06:10.311443Z","last_seen":"2026-06-25T01:06:10.311443Z","times_seen":1,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/polygon.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.748Z","timestamp":1782349533748,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/polygon.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-13aa\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5034,"size_decoded":5149,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3","md5":"fd94329c78deac6b68e263f5f1b349b0","sha1":"fbbc73dec803d8ebbc77ba4b98907855aad40d14","sha256":"9a2b584e3dfd7e3953e9078e835bc389a69ce68687fc82bb65fb786b93e1ce39","sha512":"4e3e11e05ab7c7b01ccfa476cdc9954b0c01612d869e48bc05678356190ec92bfbe1a69bcabef91423e31f6722427ae037c43501811f300b9fab10c26c3fcee5","ssdeep":"96:jThv0UjiChXU6UXuvsOBREmyWrqH64tV4Y4zyME0:HLjzXWXuEVqq7tV4zzRE0","tlshash":"86a17e6bc8041880d41c9eb46c97733773a51094bea3be519d543c7cf053fae67427a9","first_seen":"2023-05-18T08:37:00Z","last_seen":"2026-06-25T01:06:10.312762Z","times_seen":252,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":585,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=novawallet.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.343Z","timestamp":1782349535343,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=novawallet.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://novawallet.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=frame.sh\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.348Z","timestamp":1782349535348,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=frame.sh\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://frame.sh\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 329\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=glow.app\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.362Z","timestamp":1782349535362,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=glow.app\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://glow.app\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 329\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=dcentwallet.com\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.049Z","timestamp":1782349536049,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://dcentwallet.com\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://cdn.prod.website-files.com/668b3a82199c56fe12067652/6699f83333ac36d31cca6b56_Webclip.jpg\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1200\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sat, 12 Oct 2024 10:04:12 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1200,"size_decoded":2064,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"3acc683270edeaeea3858412b6807fcc","sha1":"854d2a895cb84bd66cea23600f27e63481f48a2e","sha256":"72d1e5b939abad52d6104cbb6e61994f69fcbacb66fc3ba088cd24a644f724b2","sha512":"a13e2e8c869cff8a0efd1fee0abab8574e79a9e450b76c2ba4042b0213b2a3779e3efaf90bf8829945b161b7234daf4295fc3976f4b35b7dee0ef334e6143e1c","ssdeep":"","tlshash":"6021a7e30eab34daf609c727568cc101dd371a582ff8bb515982f12e9d649278d52181","first_seen":"2026-06-25T01:06:10.313366Z","last_seen":"2026-06-25T01:06:10.313366Z","times_seen":1,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/font/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBHMdazQ.woff2","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:34.974Z","timestamp":1782349534974,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/font/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBHMdazQ.woff2 HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://walletsync.one/static/css/css2.css\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 34668\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\netag: \"67becf1d-876c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34668,"size_decoded":34940,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 34668, version 1.0","md5":"4746809ed1c17447d45d2a96c64796d4","sha1":"300a3511100a2ea1fbf43bf329855e17da1f4532","sha256":"8139a402ce239285716452e5668bce94bbf240b433fcfa2e154aa7e4d240445b","sha512":"28c2ae34437a02c99282a2e0cf8c3de11bfa07b55835068c82578dac1947dd3a74ab904cfdae0ce1d14767d601884c2e8f577025f647cae4a06c8dee220cbb61","ssdeep":"768:btpz8R5UTJqgQ3XvFF1LTbda57GqOWBR+LEPP:Jpzk5qepLTbda571v0EPP","tlshash":"35f2e1816c1c7085da4951f9cda50bcd46ee86f98d3f6d2118613a38e6c802f47f97be","first_seen":"2025-01-09T20:17:59.500754Z","last_seen":"2026-06-30T05:09:10.257764Z","times_seen":23928,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/avax.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.746Z","timestamp":1782349533746,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/avax.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-d77\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3447,"size_decoded":3821,"mime_type":"image/png","magic":"PNG image data, 224 x 225, 8-bit colormap, non-interlaced","md5":"61d2ec5533946362e1d0d6603e346723","sha1":"9d1a324b2361c5fc0ea4fb5229b41d631ab1ed1a","sha256":"1521cd3823724ce565a65301ce8cacf7b8666aecc33fa42e01602b2746ae1d98","sha512":"a1962aa04f68a6efba8d427cdbe7089af53def4ed9b68c70e400ff7ba294a3b50121d0697ce0e229789b847b6c0b0442cb13e2055de519f68ac26d5365d823d5","ssdeep":"","tlshash":"f8614c5d088910f6890a98f2b45b864ee24f449ded1515f9fe3ac13e1b0032af499da3","first_seen":"2023-11-19T22:41:12Z","last_seen":"2026-06-25T01:06:10.315062Z","times_seen":32,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":588,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/polkadot.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.760Z","timestamp":1782349533760,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/polkadot.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2a65\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10853,"size_decoded":11205,"mime_type":"image/jpeg","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"1049516a8e0ba7e46ea9ae5ecf44a765","sha1":"48bb71a1adeef9b6733dffa013388d8107644dda","sha256":"1412d9c2df9a008eab99865f6d513d269269c25e6c1e1d87cdd43c5e99fbca41","sha512":"b6b61aa27897f93c2f88c3e6598334d5fdde7fd51d74381aabcf70ac55ec55265610600ea5abfe19e1fa270c347177dfda3825a64c2abc83e0dac5d353d0ded1","ssdeep":"192:woJv0pyl4RrtkEHM1Dtt2bFOE3qRNvs1MgyWeEfQ+ImClFSUw6R+t:biRrtkVE3SmWWelv5w68","tlshash":"f822bfe9d86cc2874b11eadd4cb188fd92c187f6c0ef163848158eb6c652ca95a27a81","first_seen":"2023-05-02T15:15:30Z","last_seen":"2026-06-25T01:06:10.317631Z","times_seen":364,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":575,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=zeusln.app\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.353Z","timestamp":1782349535353,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=zeusln.app\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://zeusln.app\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 331\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=talisman.xyz\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.721Z","timestamp":1782349535721,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://talisman.xyz\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://talisman.xyz/talisman.svg?v=1749994215\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2042\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 24 Nov 2025 22:59:55 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2042,"size_decoded":2856,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"501b9830b0d6671316f6e6c30d44a847","sha1":"48aa0946aef96e0f0c0171688d47d84520a79346","sha256":"6a0ec98389cb38c7ebde2491bfeaf439b44c8454f5a537283a2532cf8367facb","sha512":"6b69b0c05c07ef30468cba91be7f41d3a78fec678bf9e3959dd88bab3f70463dbf548b30707e594754de4925ee4fad5fb1539167b34fe863d74f9e78612faa87","ssdeep":"","tlshash":"96411a0701aa9cd5e53fee27745e6f59ec581c8f578466fbb37b89081d32060c04462f","first_seen":"2026-06-25T01:06:10.320548Z","last_seen":"2026-06-25T01:06:10.320548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=glow.app\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.951Z","timestamp":1782349535951,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://glow.app\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/jpeg\r\ncontent-location: https://glow.app/apple-touch-icon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 3229\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 11 Apr 2022 23:00:37 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":3229,"size_decoded":4035,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3","md5":"8f6a869f3ef1ead87669d4ddf1cc8412","sha1":"7620f5deec88c91e819ad5a5b26a515031d29179","sha256":"1f492ee4d4ecfb20ec23124b08ed5d20799ab4fbaac065522dc7bedccca9e611","sha512":"b4e66b00c6708ebf4e12eb788ecfe281794119c7e8485e3e2af834763c78129bb4fdd141d56b2b71b9379b92345cd45c0533684eb337fcd4edcafbb168106247","ssdeep":"","tlshash":"83612a0be36e8711da114bb8831a1f9d9a29ac4e94089a4f4598a4c12bf70a28c676f0","first_seen":"2026-06-25T01:06:10.322276Z","last_seen":"2026-06-25T01:06:10.322276Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=coinkite.com\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.382Z","timestamp":1782349536382,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://coinkite.com\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: http://coinkite.com/static/img/favicon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 256\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Wed, 19 Jun 2019 22:24:59 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":256,"size_decoded":1065,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"c4233a2392d2db842215521cd2f66b4e","sha1":"b401301905e51083040b471ca4b186d8993e332b","sha256":"4097447788315d705c75acf06bfc56b10e19720727543ad4ee1edaec744b2d7a","sha512":"2850378234cb4d59af6e0f45d1eab52ca4706c4053e02fa25c6778fd3df0e7892eac53ade9818103e0d2c5fe65a730039f574a22bef7303aa6834d73b25a6255","ssdeep":"","tlshash":"74d02bcf9655cdf445040377a7616568d87b497806b6c99a9a14c6778142708b4d8246","first_seen":"2026-06-25T01:06:10.324778Z","last_seen":"2026-06-25T01:06:10.324778Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=yoroi-wallet.com\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.564Z","timestamp":1782349535564,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://yoroi-wallet.com\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: http://yoroi-wallet.com/assets/favicon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1767\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sun, 07 Oct 2018 08:29:06 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1767,"size_decoded":2597,"mime_type":"image/png","magic":"PNG image data, 38 x 35, 8-bit/color RGBA, non-interlaced","md5":"d0141c96ab21a328f7037f47fcf803c5","sha1":"d4d6d677687082f0777631895532beaa4dd5796a","sha256":"9c602656ae2e350e3196f9457e9e76a3e59488c3a0c68d51485fd0006977c4db","sha512":"4414582bbbb7358a6e1be5682ae30f3e6f70c43099875b38bbc4a139ceeb302ca78e01cd1d14c140bc1065fff126bcedaa522c5aa9c42fd7f7d866fae14b934d","ssdeep":"","tlshash":"da314d23b34e0c77c5a01f0e1d669482d564420f45730834edba83ba83877342a87605","first_seen":"2026-06-25T01:06:10.326085Z","last_seen":"2026-06-25T01:06:10.326085Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=petra.app\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.385Z","timestamp":1782349536385,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://petra.app\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://petra.app/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 615\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 14 Oct 2025 16:30:13 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":615,"size_decoded":1411,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"3561a1c002a2c13163fc47a1d38563b6","sha1":"89f9ecbabd91bd37a76d27aceceab3a4d9b0d109","sha256":"0ce49cba6e418aedf3ff8237927da672bea3283aa6a9f7bdc6c1a66d7f4880da","sha512":"df59a9ed63ecb4a404357486482c86745c829322e3f3a585aaed3f8e8cce3f44ad0deb7346a90c9b0a6be3d55e63988964540e8808c63bde2cbe039c49e783f5","ssdeep":"","tlshash":"03f008d432532185bc1ef19954b50205e5e36c5c2def193eb44146d1752f2270b9532b","first_seen":"2026-06-25T01:06:10.327319Z","last_seen":"2026-06-25T01:06:10.327319Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/bitpay.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.754Z","timestamp":1782349533754,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/bitpay.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2699\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9881,"size_decoded":9562,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"88d61453f2e52906f883152a427a347a","sha1":"76968e9244016ea6dce500f7bb2cbca9716626c7","sha256":"f0940359bc638a7aea636ae706611c0b3a5b80ec360c2bb9421b5f7b351151b1","sha512":"738bae1af9f36d4077178cb5f7b315dbdfefd7f641afca59d920dd718c5b95e433bd03092d66df3e5f7ff8ef3a50b6789a9ac9f6435be52b27f2d2e6e01e6516","ssdeep":"192:A/+cJuCZHFludGFrUvedGjQctRK+abLDPH0LAB7w77w29a11f:MzJu+FQhvwZctIzPDsLAB7wBi","tlshash":"36128e1d333942c6cf18dfb088e909f1fbb6396cad269f5d4eca84865e9c26443c909d","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-27T10:02:40.533418Z","times_seen":823,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/ownbit.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.777Z","timestamp":1782349533777,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/ownbit.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-26e7\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9959,"size_decoded":9803,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"541bb2e5e029df0653025ebe623f30d2","sha1":"651cc837b8f896bf73a4306e1b0151ed077c622b","sha256":"0773eeb40c38eca3d0c636bccb0bae0ab94f213fe0b76bc29c0eb5eab1792e8e","sha512":"0eccdfa002330242cdd0aaaed51f889bff918d0adc1715bfcc0e585010df50d25c62243391c4c336e92e050e989413c8241f31db3b317d65768fdfc19bf3fae3","ssdeep":"192:Us89TlzqT/hd/jo83HbbRz9JluVGfr9q2ZBbJxIxeSda:Us8PGT/z/j53PR57uV8q6JOeSda","tlshash":"07229e4f3a39660cc931e87d189f147f34961fad498246ac6433c7d2e85a0ea8985a1e","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.305401Z","times_seen":664,"resource_available":false,"data":null}},"time_used":559,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":559,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=tangem.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.308Z","timestamp":1782349535308,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=tangem.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://tangem.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 331\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":85,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=taho.xyz\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.870Z","timestamp":1782349535870,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://taho.xyz\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://taho.xyz/icons/icon-144x144.png?v=41306c4d4e6795cdeaecc31bd794f68e\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1867\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Thu, 12 Jun 2025 14:21:55 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1867,"size_decoded":2709,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"4f91de10972e9941527e8971f56f6e93","sha1":"1ea2071a1ffd587acf44e611924ed14647994823","sha256":"7bd3b73a887ac49c681e88ac470ad4304735688ffbd03419c2075b02be97c2be","sha512":"4b9bdc6fa96093012c34ddf993a68b30a3376ec1b93cb3047d6e0dda473fb58b6828b41caea74fa6b27686eeadaf48080d86af30b4f4ecb467328b9ac4fe0d90","ssdeep":"","tlshash":"8731f98e065f2caf384be16972f5f6a6aabd07051f3a9c614075982a750a14763fc00b","first_seen":"2026-06-25T01:06:10.329548Z","last_seen":"2026-06-25T01:06:10.329548Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/qr-code.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.852Z","timestamp":1782349533852,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/qr-code.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-a33\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2611,"size_decoded":1052,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"5335637c4502b41b13650bac44ea3a6c","sha1":"4cbc3eabd8f86772557bfb561be2115cc810686b","sha256":"6cec31831be4755745f8a7decaa8c85edf9e1c218e1a4fc55859a395a0a3cb76","sha512":"8a4e29d7ec9df0ddee0bea71f1381c3171b4e5a98dd281818744dd0ad9e29efe7ac13769355b0fe74572c71a459dbd0c1146be98a10f1cdc95a06dfd034e6548","ssdeep":"","tlshash":"77514c8813401ba710388e58cf034ce1ccf38bc20bbfd2e9691c63480098b20bb59fd5","first_seen":"2023-07-01T21:53:11Z","last_seen":"2026-06-25T01:06:10.332082Z","times_seen":73,"resource_available":false,"data":null}},"time_used":492,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":492,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=core.app\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.698Z","timestamp":1782349535698,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://core.app\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://core.app/favicon.svg\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1983\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 11 Aug 2025 20:16:36 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1983,"size_decoded":2779,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"097e5f9153ccda155b691c2dbde59da1","sha1":"ff1dae33965ae2ef99929809d8630c09e1826437","sha256":"e0e5969ad2a1610fe4dabc2153801ec9fab624fc3f63abb2878b471086d1d8e9","sha512":"ca4e771d38d836bfd02bc6cacf1afb995d3b8ba8641c14d751e85b66fbe72b138fcb1e242117fe8eaef7ea01ff60b43a5abaf0cbe43b318f896a4f7202947ff6","ssdeep":"","tlshash":"39410c21c929ace956192f2e494378679d5f064ccdd1d7a74782186f3c44415573f074","first_seen":"2026-06-25T01:06:10.334639Z","last_seen":"2026-06-25T01:06:10.334639Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=onekey.so\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.052Z","timestamp":1782349536052,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://onekey.so\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://asset.onekey.so/portal/0b18f3f3d0cc1c74dba72612031ba57dc9d6ffde/icon/android-chrome-192x192.png?v=d5bfede322de37acb768e4cc259716f3\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 899\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sun, 14 Jul 2024 05:59:28 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":899,"size_decoded":1804,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"43fa14b5e3105073a12ff95221265424","sha1":"eebcaa430d98e9766411782a3a29838ff4eeaa96","sha256":"76acf6e2a26b1ea29840e11f24fc7913f7f89b06ee082796e173f3217c499bf5","sha512":"0d25925f23122f5104ceb5336eba8311eb421e1991d436723210a79d5fd5fbc37391721adadcb2fc6ec9579afe767d1670a1071558c1893089fd117a985f295a","ssdeep":"","tlshash":"6411ebe33152fc71a670dd7b1a534d27dc3cf12f256a01c07014b8394ea62751445d4f","first_seen":"2026-06-25T01:06:10.336093Z","last_seen":"2026-06-25T01:06:10.336093Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/meetone.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.808Z","timestamp":1782349533808,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/meetone.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-5654\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22100,"size_decoded":21672,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"01093db7d99e3e6cf5cca68b616f8255","sha1":"4ee6ef9a4a4d10ebdee3257382e696fc6f152c48","sha256":"141ce6ed4e42543ae843b0559095b24896ea4fe9ef3e22b8b90233d26377731c","sha512":"a2cb8086881562ce1e279925d513da39974f00823c1d75c0fe6c59ec45e65d3e15c16ed39da8dbd47b903263bf958ece2055c3aeb966dc7f900e4706a75e234a","ssdeep":"384:sxlZ5D+fLqZHrv+GXj9Lf9raeytaAwuNBo91K8LcpeGALqqj0UunTU:UZ5Eedv+GXJf9rzLAwau91KX6LUTU","tlshash":"5ea2d1ecb3702b82f57dd57e0d5ca440036c6625aa9583a7f071433b838ea65e6991ce","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-27T05:19:56.398393Z","times_seen":234,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=core.app\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.355Z","timestamp":1782349535355,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=core.app\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://core.app\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 329\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=ngrave.io\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.499Z","timestamp":1782349535499,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://ngrave.io\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-type: image/jpeg\r\ncontent-location: https://ngrave.io/apple-touch-icon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1363\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Wed, 09 Feb 2022 05:53:36 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1363,"size_decoded":2190,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3","md5":"f231ae3753a20321cec07233981f8a60","sha1":"b7c499d8eb8866dfb7d0d2903a1a18e67e5d7454","sha256":"65c4d97d41d79dcd20804afe28979473cb8325ce3a20d7897c86b7ef88433243","sha512":"82ca99deff35f74046b2f1fb982dfd947294cf57fc881f5a55ad767a1e675d8cf6331867a9bc80b85add727bf4d07d93dd9fc38c55d05ef809a28f9955dfd9f2","ssdeep":"","tlshash":"d821e77ecad6b13aef601630060a7a52bb06910329525efb11ea30f478e54cccf052f5","first_seen":"2026-06-25T01:06:10.338287Z","last_seen":"2026-06-25T01:06:10.338287Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/uniswap-uni-logo.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.751Z","timestamp":1782349533751,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/uniswap-uni-logo.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-11056\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69718,"size_decoded":62797,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3], baseline, precision 8, 800x800, components 3","md5":"06f68579e4a5cf0a72d56a5f243f17da","sha1":"c566a3f702d1b95e2cb9e2c82b9223fbce816e5a","sha256":"cc2d435efcc7ef1642c10e7f986909bbffadc6cca53f341d6e43851e98185bb7","sha512":"7218800b5443931c7ff50a41d074bc894ca05d3aba55583745a47cd6b87c50a4aa03330a75d78a1ddea324d31bfc7a797063507f23604d781ebf60b109edeaf7","ssdeep":"1536:+8q0qQDPUZ65q/1G6ZdyI0yKhBNsjkxifUFxbZHbQ:7q0qQoZeqjZ0IXKe4k8FxbZc","tlshash":"e063280748588f93a528c7e5bf030e9c2f462b1de58239ef15670ecb7f642221d9e06e","first_seen":"2024-12-24T01:05:45.439155Z","last_seen":"2026-06-25T01:06:10.339635Z","times_seen":18,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":583,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/rainbow.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.754Z","timestamp":1782349533754,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/rainbow.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2b27\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11047,"size_decoded":11003,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"6d76ead5b79aa76658cdd1845fc42d04","sha1":"0faa072f36879a7d1c26a5e655942c47dd468803","sha256":"85900214a912e9987e82575686a8e2f4cb705802c768ea6d9ea88b845224d451","sha512":"22fe17f984dc5b4d91f3bb35ce06bbeb09c7ee80dd2c918bcd8d576789815a904975aca528d74374e3cd6f0806d6f00de7991e2eb0e63f1d594605b1c44eee8c","ssdeep":"192:cINLESg7lIt0EPcjZo9++CxEF/eu1c3zMvMgluc6Xp5M7yNQgZgU+mw28D5AEr9s:cINLEt7lnqw+o4/O3Afup5M7yGxU+puf","tlshash":"3c32be70fbee4b82de6eed38a9906a0934a7db7dea50400df101864e90b73b80d0d815","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.681975Z","times_seen":576,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/wallet_io.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.776Z","timestamp":1782349533776,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/wallet_io.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-322a\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12842,"size_decoded":12332,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"3b94a722de722a8972c8883eb2eabcf4","sha1":"42976f0e9169db09f109656e0450e6cdaff73281","sha256":"7ab4f55e993789177b55f53551ecdffc97ed6fb42300be796487f145e4f128d4","sha512":"fb5cf1b83498f888e659e08a4fa2ac1e43fd673be4113d66d82d4d684d7a477a6e8b3d60b93c12a37d3ea745807f615035e0a4e3b96b80947cfe81696aaa7dc3","ssdeep":"384:s9uMe8401VAxH6tMTTNpH5E3XN5XPch1NQ:hqp1aHlT5eXN5Si","tlshash":"e742b03d717d629ef004ce3451b3d0c9b71224689da3ac5d5c17bb690c92e332ba6ba3","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-25T01:06:10.342372Z","times_seen":700,"resource_available":false,"data":null}},"time_used":560,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":560,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/talken_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.801Z","timestamp":1782349533801,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/talken_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1bb3\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7091,"size_decoded":7173,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"8d18e470b85fcdacd479aed6c7cdb16b","sha1":"7ba69fb3a9de45c015502158bd12ef6e956a500e","sha256":"dc5c2220234d9d9b75d41400daa8619b4b248f08586d9c04858d43f5c81b2e8f","sha512":"b3b4dca612bbeff4f66e2b2dba378d623ab80f4737d570d73b4472a5ef5867f79abc8a86b4d4ef7d1723b2c2a18b524e8a993a4d08da9a7913cf7514cf3dd443","ssdeep":"192:zILJKEz0FaZ65bU02jrZZkpuABROEwlZMjCul75:yKE/Z6IXgERMjJ75","tlshash":"9be18e38b58f3827d954c6310663ccd6ab726c3350a2f50d9672181fbd772a47a4617a","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-27T05:19:56.454339Z","times_seen":694,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":541,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/morixwallet.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.807Z","timestamp":1782349533807,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/morixwallet.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1497e\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":84350,"size_decoded":81919,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"aa7d607cf9ad52afeb3b7c83e5f34eba","sha1":"b6cd74f86e67cde7e138b707f600a8bbc79acafb","sha256":"3105aa83d6e1f0bb4cf7181013fc76f72d495dcd9e6413b3cda440add06adddc","sha512":"67f93d26000beb4dd1197f71b8e794f1745a5a42d6ac3772a30510d1ddd45ed007f7b0e1cb193a7ccddabc10753ed6f3d5b0e98c8def476870e8bd12d7e84e3c","ssdeep":"1536:T1yKhMjGiR9HaJa7PU3x4PfgaKxPmCmMiSnusMJvvqGhExWujO9s2IqppAAAAAA2:s5S+mar2OCgSnusMEcujO9sBqpm","tlshash":"8b83131a6798cf151dd7764bd582a3dee713c3fccd831385489a64622ab9123b03d4de","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.348634Z","times_seen":396,"resource_available":false,"data":null}},"time_used":535,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":535,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/onto.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.816Z","timestamp":1782349533816,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/onto.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1e94\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7828,"size_decoded":6386,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"e382634b03048e214612be131e264736","sha1":"d9f34fc40d678823237cc7e561446a9b1c0bffdf","sha256":"16badf3b6a1f78e6df1b19e8684a6778a4e3dac2334ef0856ed382f41771f874","sha512":"2c7141810e0e6ab8767e787a4bd2a3bb6f85c86a6446004e05099de77139cf197b5fde7afaf4c8c0847b1210d7849c8dabf2a13443a08364543695819b8ce3c8","ssdeep":"96:zGO1Y2AEWfduJRPuwm1ED2gwvXPIqsvmzIDRzjXMA++klJwUkR0uH+w48baWYvo3:zD5ruwmPgwv0nI+06RhGWYvo3","tlshash":"85f17d6d79202491e72ae5bf2b85b0a1731ab600ffc7524f2041c0725453792bad3c7d","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.593365Z","times_seen":722,"resource_available":false,"data":null}},"time_used":526,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":526,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/font/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBHMdazQ.woff2","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:34.978Z","timestamp":1782349534978,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/font/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBHMdazQ.woff2 HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://walletsync.one/static/css/css2.css\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 34668\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\netag: \"67becf1d-876c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34668,"size_decoded":34940,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 34668, version 1.0","md5":"4746809ed1c17447d45d2a96c64796d4","sha1":"300a3511100a2ea1fbf43bf329855e17da1f4532","sha256":"8139a402ce239285716452e5668bce94bbf240b433fcfa2e154aa7e4d240445b","sha512":"28c2ae34437a02c99282a2e0cf8c3de11bfa07b55835068c82578dac1947dd3a74ab904cfdae0ce1d14767d601884c2e8f577025f647cae4a06c8dee220cbb61","ssdeep":"768:btpz8R5UTJqgQ3XvFF1LTbda57GqOWBR+LEPP:Jpzk5qepLTbda571v0EPP","tlshash":"35f2e1816c1c7085da4951f9cda50bcd46ee86f98d3f6d2118613a38e6c802f47f97be","first_seen":"2025-01-09T20:17:59.500754Z","last_seen":"2026-06-30T05:09:10.257764Z","times_seen":23928,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=taho.xyz\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.347Z","timestamp":1782349535347,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=taho.xyz\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://taho.xyz\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 329\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=xdefi.io\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.879Z","timestamp":1782349535879,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://xdefi.io\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://ctrl.xyz/icons/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2247\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 30 Sep 2024 06:50:25 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2247,"size_decoded":3049,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"95c94dc0e479e18408a7d0a4efe907d7","sha1":"5277405685b09db544b6a7db6245a5b18f346c8f","sha256":"5ac990a9bf4dc70b37467b11dcc3a061ba6f17f5dab76c2ef53b3226752a57b6","sha512":"58d75e5c2f66e4a0de2ccbaa9b9366e26c5ef1e5cc2df5269500ebad9d603975bb31abbd456c47da654afd47c8f1fa0a56792a8c6d960079854b1812e5f8f20b","ssdeep":"","tlshash":"84413ce7150050d48adcb542a09e440cb7f62038ca438e46f1118f7b16dfa7356adbe4","first_seen":"2026-06-25T01:06:10.350004Z","last_seen":"2026-06-25T01:06:10.350004Z","times_seen":1,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=bitbox.swiss\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.093Z","timestamp":1782349536093,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://bitbox.swiss\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://bitbox.swiss/assets/favicons/favicon-128-9b6957badf49baa5ae4a4e1a22978e3a.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2788\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Wed, 02 Oct 2024 21:45:32 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2788,"size_decoded":3641,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced","md5":"8ba98b5ceca22589744153290d40be34","sha1":"0ca104fa90c7da7a7b4f4c1a8379c0a94abe535e","sha256":"5b7f8b3ce846693e75379bcd3e73a74c7528f2f10ddfb6ed8fa4a62541b457c8","sha512":"3f669a4f1836ec7dd10cc7f209e70f47de72c49b2bea5f1afd5bbe66c6c975e454727956b21d2d4dda988a3a098aa2bbb4df155a2038646a2a3f57991181d5fe","ssdeep":"","tlshash":"fc513bc332f0ad19fa128badf32c01a7106b8dc05c51dd604aa5f4d25d3b69b326c327","first_seen":"2026-06-25T01:06:10.351304Z","last_seen":"2026-06-25T01:06:10.351304Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/AVE.AI.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.738Z","timestamp":1782349533738,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/AVE.AI.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 10 May 2026 07:30:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a00341e-18934\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":100660,"size_decoded":99965,"mime_type":"image/png","magic":"PNG image data, 480 x 480, 8-bit/color RGBA, non-interlaced","md5":"3f7c6822e1cbf05552cd4cea7ed70a7e","sha1":"428221fada5b9bbaa4212ad0b4809d9e270b5652","sha256":"2434d517feccb2eaaee1ca5ad87bc7ab05aac8a38f405e91cccd51d738329fc7","sha512":"8685e5ff5f92b76bc2c6b9d7a3df2ff029fc4bb8888c534b852fc9d979ff72420058cc85bea4c39355c2bb4487c59cbfee43b4f6c3d0b946885f9ff3e275ff6c","ssdeep":"1536:CT8NYvCMBPUYmCulm65qZYcS3bTyhTDEeeYifrqc00qVeOi18dPrvLPaem:QvCMRUog9On6bywLHjqc028dPrLm","tlshash":"60a31239965036a2c2fa9b786b86340c8a7a17f7e165bb1c9112e192c370b1112ff662","first_seen":"2026-06-25T01:06:10.352453Z","last_seen":"2026-06-25T01:06:10.352453Z","times_seen":1,"resource_available":false,"data":null}},"time_used":594,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":594,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=talisman.xyz\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.344Z","timestamp":1782349535344,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=talisman.xyz\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://talisman.xyz\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 333\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=unisat.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.349Z","timestamp":1782349535349,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=unisat.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://unisat.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":84,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=leather.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.350Z","timestamp":1782349535350,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=leather.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://leather.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 331\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":73,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/jade_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.791Z","timestamp":1782349533791,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/jade_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2ad9\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10969,"size_decoded":9013,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"2976d6357a37a784f8e579cbea3cf824","sha1":"caf2d7979887e315b7176f3f8fa73e35b56793d0","sha256":"353c7ea72130625c1c2763a37a8bfafd67bfc0e743268650c718801446b9e6c2","sha512":"eb4d95b4bfc8dbaf8b026e9f49538dab1e3df790229bd970e85fcd836b85bf45b8cd8d979b3acc137b773e1c2e32bcde7638fa1cefe00d9990b746900a4e7d3e","ssdeep":"192:HZqWdWQAmSytBoG27ORGg/2+sI3MWt4oI87JxN3MBnXU0fbwk2TzmPtTk:Io1tq7rs8I3MWiBexkcQFk","tlshash":"3c328e9d2e77a65fd88ae27c077de43492b87e32c1521d0eac7850b62a109015cfe207","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.654388Z","times_seen":729,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/at_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.804Z","timestamp":1782349533804,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/at_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-33bb\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13243,"size_decoded":12037,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"567f617068dcd5ea372ad03e10991514","sha1":"3953be697875e808423c3268b68c7de0f3833b5e","sha256":"0f0cfb848a47be7fae86c813dca0b15fbb0b7377ab28613abc2515948543fffe","sha512":"dfd09fb6c342ba4cc00a882deebbce09659cf97aff52aa72140f15eaa9ee1d019d7ab16fc39d8858b9c1d315dec9f00690fd001cc0284315c8b87e84be4dfd2e","ssdeep":"384:tIXK62b3o9bxBTzpzYAZqMueR5d2r+RdHoo:tIXKt3o9b38M5R5HL","tlshash":"d152b0217908debbc074da72151aa4a4869ddfca3dfb1cce60685425073c1e7aa489e6","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.720935Z","times_seen":788,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":538,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=ellipal.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.326Z","timestamp":1782349535326,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=ellipal.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://ellipal.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 332\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":77,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=namiwallet.io\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.705Z","timestamp":1782349535705,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://namiwallet.io\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://www.lace.io/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1566\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Fri, 07 Aug 2026 13:05:52 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1566,"size_decoded":2365,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"3f58955c10e5604b849ab2b219db1626","sha1":"cb8715968fb01ead9b0f489325766a14cad51392","sha256":"47449f23db1982f8cff06cf1dafa4fa3e4a31dd491a05ee62c914895e0836a6b","sha512":"28d7deda3f0a6b41081ab4119335c2c7baefd6c7c7dda914fe46a92420e6add92e8a42fa5d61388239f975b38cc4c9ffc9797069fa83d0f7ec8ca9c1937674cc","ssdeep":"","tlshash":"7b31e7b0092c8de5ce662726d8105fa5aa50a2997f037341bed9e72d54c37846cce61e","first_seen":"2026-06-25T01:06:10.361855Z","last_seen":"2026-06-25T01:06:10.361855Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/celo_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.786Z","timestamp":1782349533786,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/celo_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-246c\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9324,"size_decoded":8901,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"ee24937d0fd4a42ccb2e5703b6e37859","sha1":"8609f00b7eb2d79e25c171cd1a36ca584b9a9d01","sha256":"6f726bd08ff78133042fef503af0929c63f136737cb6af3a5cb02e2682bdcbb4","sha512":"6302ddf1c5ef25b329040a809ac1e864200827d54453937b7d9ba26bec170bfea4db8586f97f825419aff07df1ff6e2754f1b5f26d1a03937155274d10890353","ssdeep":"192:kG89vyOrFZwkel7g6ZR0Upi4VnBqsLZqbjM2TbaPm+k336bMEDsI:18lzwk67gkKZ2BXZcjM2TGPo3KbJn","tlshash":"65129e91b2928938d574cbb39c9a4c47229cfdc0b018ee8ddeb1143a0b5a7503db6f88","first_seen":"2023-05-09T01:47:42Z","last_seen":"2026-06-25T01:06:10.363014Z","times_seen":236,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/favicon-16x16.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.375Z","timestamp":1782349535375,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/favicon-16x16.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\ncontent-type: image/png\r\ncontent-length: 547\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\netag: \"67becf1d-223\"\r\nexpires: Sat, 25 Jul 2026 01:05:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":547,"size_decoded":887,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"62ec1d334d5f746f4a34a3fa4a10aab4","sha1":"87391b533798bf857bc435e7141cc7278e2f030d","sha256":"73f0972534f2fd24840683f30130c4633b2ccd6d20ecfcc8d04d884998e4363e","sha512":"882f293155f95494f372646ee6f1fe8106c6a39eeaf56ffd51ad504d6834d0eedf796a02291545bc70a0843224567ab3e72d906a711d1678f3b952e530b10fab","ssdeep":"","tlshash":"c2f026475f92686dd763e375a2149030c005633c261a668e0f5f15fa174ed62c154173","first_seen":"2025-09-09T17:29:41.14084Z","last_seen":"2026-06-25T01:06:10.364368Z","times_seen":7,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=cypherock.com\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.550Z","timestamp":1782349535550,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://cypherock.com\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-type: image/jpeg\r\ncontent-location: https://www.cypherock.com/favicon.svg\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 3290\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Thu, 12 Jan 2023 08:11:52 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":3290,"size_decoded":4116,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3","md5":"f50ccae0223658d93bc0c98f0b460262","sha1":"5a5be7940b5ae304bb7d3130df25f9948d1f635e","sha256":"94afbc84e690a1a487469f38ea915a1645a68f44c094c40fcb7b38de5cc37efb","sha512":"641d346e5d31873c7a4c09f267bab8c8b23472018874d4a87bb1491faba401982d62df8f61dd9164c6ab7d7b2f056abd3ca9efff1439893356c192b2aa35d5cb","ssdeep":"","tlshash":"7a613a053a7a78d5fdbb3f7643fe3531a208595368d46a6d817843ee68db8801e208c3","first_seen":"2026-06-25T01:06:10.365502Z","last_seen":"2026-06-25T01:06:10.365502Z","times_seen":1,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":2,"connect":16,"send":0,"wait":26,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=unisat.io\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.947Z","timestamp":1782349535947,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://unisat.io\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://next-cdn.unisat.space/_/2025-v3305/img/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 3564\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Fri, 17 Mar 2023 03:42:51 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":3564,"size_decoded":4390,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"4f27b8433ec1a83ea552f92c2c16b3a0","sha1":"85cecdc5d67c1cb7c9379387705090f1e5335597","sha256":"aa22292fa1396e1bfffb2f6a1a94fea88b362a9cd9d291008055eb92ab8a277b","sha512":"d6c01f0f2b7c0cb20e64c7d6172fdd5ff56465c8b9cf705d61a6dcb177afec270c4c44c10c5dc126c359a23e828b15077044ba4a9ae0b7d8e1f0b8a54dcda1f6","ssdeep":"","tlshash":"12713b192349a0b8f1d45bdf449c30c8e473cac1923dcb5967b9d404a8b1f7dade562d","first_seen":"2023-10-18T21:09:25Z","last_seen":"2026-06-25T01:06:10.366429Z","times_seen":2,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=typhonwallet.io\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.088Z","timestamp":1782349536088,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://typhonwallet.io\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://typhonwallet.io/apple-icon-144x144.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2914\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 02 Nov 2021 06:31:03 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2914,"size_decoded":3728,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"20959b3c75b1909cee262a6114120805","sha1":"80e72d8fb6a67f01db70ffaf72bd146179c47d5e","sha256":"bdf19a2a5926b21a31eb1251bcbee5063106e8984192c31c78fff82e328cd7ec","sha512":"7171afa868920276e21dfbd8068c54428d9b8b22698909ae5190564ea65e6c52409e2f02a8f5108c1802731cb62e8cf35849ba7db2f46810e7c24fc9df50dd86","ssdeep":"","tlshash":"13512b79b6015cb5b7754e5053c1019eec44871c92ad93a82a9dd9fac6847f870361a1","first_seen":"2026-06-25T01:06:10.367543Z","last_seen":"2026-06-25T01:06:10.367543Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=martianwallet.xyz\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.091Z","timestamp":1782349536091,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://martianwallet.xyz\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://martianwallet.xyz/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1824\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sat, 08 Oct 2022 21:18:00 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1824,"size_decoded":2629,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"dcdf0606d671f9c75e70f966f2da2d00","sha1":"9e20e97fb397e4a47d7b1b07effb40064000f487","sha256":"1d9d34d7e58b13aec1589a5bec74dcf8c918c9ba29301d0bf33d5b557e474398","sha512":"30bc35ce8cc09a8c5f1eee1e26ef385735e34d07007d39b287cc4114da6f9d4a5509710f2907ba4828cb7f732ed36904792ee1a5df1161b776cdfb26175943f4","ssdeep":"","tlshash":"29310bc6ea730bacf81d84a1f548d177de76739207055058221708b1fea6e03cfc499b","first_seen":"2026-06-25T01:06:10.368453Z","last_seen":"2026-06-25T01:06:10.368453Z","times_seen":1,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/encrypted_ink.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.758Z","timestamp":1782349533758,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/encrypted_ink.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-6274\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25204,"size_decoded":23041,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 400x400, components 3","md5":"b6944dce49bda64a1cfa7bb1e0c52a5c","sha1":"c58a843bc94d86d9678f12957b98a42713083cd0","sha256":"735a256038fa8782f3c38188fb588a870580162208649ad5bcbb3152c9b45854","sha512":"4582ec1276a3cca6e3d02a16db7fe367a92dd6f4453d3aaba59bf0c1c7b0ce27dfc418aa524011bfbe725532419dc7a302f3d2478404e8667811ec90bd5a7ce6","ssdeep":"384:bL7YOOWvP4or670greoKcnk+C5YOOPNPNMBMBc0apQKYtj0Wbp:bL7YOH5270gTNkdYOOFPNMCa+KYttbp","tlshash":"01b2d130ff1712c0e8e4cd7119d43d45b32f97d8ee5a7e2a3c5cc56a9b420e6901ae96","first_seen":"2023-05-09T01:47:42Z","last_seen":"2026-06-25T01:06:10.369382Z","times_seen":215,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":576,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/nash.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.770Z","timestamp":1782349533770,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/nash.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1fdb\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8155,"size_decoded":7455,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"104461e7e4dce9afb135eac0a215b19a","sha1":"9d71d53d7eae917ebb2409cfb50c00ec7b301cd8","sha256":"89d1383830e1a334458a6acb31e44b2eb2fd8162328533e2e4fbe44322011c7b","sha512":"1d6c9d2120851e790d1b62b62fbb9db1e3d459c5970d86b7d3c8f6bc46fab08e950cfee3b3d29236c0f85d2ba963dfd23fd9fa95f255f5b7f61d2327323f2eb6","ssdeep":"96:3wVnYPA7qTFA0FjCQAATa/Dis/wb3cqUSHOT1W2mj6DSOxQ5V3hX:AFY47qxA0F5Q+ywUSuTCj6mOxa3B","tlshash":"21f1af0c3db86064c1e8d9feec3a075082fc21d2a619ee3d7296946843ddd56b9d4ed2","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-27T10:15:41.405964Z","times_seen":666,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":565,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/plasmapay.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.792Z","timestamp":1782349533792,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/plasmapay.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2fb2\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12210,"size_decoded":11891,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"f54c916fdd25d7d018cc6476ed44cf2a","sha1":"cd650cdd741ed3777d5a620ce4e0b7242536180a","sha256":"22f4e24b77d61acd7bdd8b87371bf7c65539032dca69288d1d5f58624ef973f8","sha512":"c4b2671e2468d2d5c04cfc1c312f50e0682b950b3352612b954732fe96cac30817dec0a8371247241fa8875058d24a95e8ed8e57685a3689f2f6d43b59906ea7","ssdeep":"192:sYGwQJPI6eqAsObjENItMcxi0MyJELs+1aa/hEHKSEpZQbsoxJKdB2:ywQ5I6eqjOPEKLDMyOLsDa/W2BKyE","tlshash":"b842a0c9fd5044e8e8a2ea3845dc0b22f2d817447835dafd354ac13d586682a3d6facb","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.676937Z","times_seen":727,"resource_available":false,"data":null}},"time_used":546,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":546,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=tronlink.org\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.335Z","timestamp":1782349535335,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=tronlink.org\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://tronlink.org\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 333\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=aquawallet.io\u0026size=128","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.868Z","timestamp":1782349535868,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://aquawallet.io\u0026size=128 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: image/png\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nserver: sffe\r\ncontent-length: 726\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":726,"size_decoded":993,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"b8a0bf372c762e966cc99ede8682bc71","sha1":"2d7c9b60d1e2b4f4726141de2e4ab738110b9287","sha256":"59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64","sha512":"6883c7a3f702fb3df5e698333c8a05705970fcb476a31a2008444a02122b6870de158176c86a1f6605a0783b88d3523646b4d288696e777b37cc02d5d95266ca","ssdeep":"","tlshash":"fe0165e3a34595286b870a62f4b87082162a6ae560c3c09964e4ec6e1f05168e4e5e9c","first_seen":"2023-04-05T05:54:43Z","last_seen":"2026-06-29T20:53:15.240585Z","times_seen":7101,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/keplr.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.741Z","timestamp":1782349533741,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/keplr.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-7803\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30723,"size_decoded":30930,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"38b8ba202256987cda85147bb25ab417","sha1":"049c2878009253b689d85521a55930ed74509dde","sha256":"7151e633c00df49903171a10e1a8a82fb1a5e57d0813308f9b4446873cdba89f","sha512":"6604d373470ee4630767d2f3fb893a40ccf73f07be0490d47270420f863d83c4ce9c6ea64e2dc16c8486ead158de7ece3ac7ff1eb652b138bc75ec2de7bd6f3c","ssdeep":"768:+0pLgU0CUATYhacE/FWLSdJHNCzkpx+Qu:zpDNTYcFfzUkpx+Qu","tlshash":"d8d2e1390a0bfa45ebffdb84c0210aee523402c79fb3af1195a394c627670a99457387","first_seen":"2024-04-30T18:55:15Z","last_seen":"2026-06-27T10:02:40.475776Z","times_seen":113,"resource_available":false,"data":null}},"time_used":592,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":592,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/stacks.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.747Z","timestamp":1782349533747,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/stacks.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-d2c\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3372,"size_decoded":3746,"mime_type":"image/png","magic":"PNG image data, 225 x 225, 8-bit colormap, non-interlaced","md5":"b820d027ce33fb89dcedb2d3dd629968","sha1":"d97564ba30f4a5900f630f14ba6f1110b43f57f7","sha256":"9c13f625493aaec0fd297e88731fee0523e1b96ba81ef39e47f0c912e87023a0","sha512":"54cbc3aa4d42b909d81bee2c6699c19ded744ddb3cbdf8ef9a4905fa5d27a7b43b2112c0bf296a2702ac39e76eb79714da1c9bb634fabf062edc693871f31292","ssdeep":"","tlshash":"13616cb3c5071468f8045ea2be1b1bc6de4c081150438ee5b1a2d3a3bccdfd9e545085","first_seen":"2024-04-30T18:55:15Z","last_seen":"2026-06-25T01:06:10.375204Z","times_seen":26,"resource_available":false,"data":null}},"time_used":587,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":587,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/tongue_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.799Z","timestamp":1782349533799,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/tongue_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-12b9\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4793,"size_decoded":4534,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"343792786b18339d16d0dd92fb91e6eb","sha1":"bdee6426ac6a6206e15680af46af67376e1701fa","sha256":"5a8304f37ebe014cf58d37de067afcd1ee6da645395dff8c47f277477e64a86d","sha512":"faa030fcb0c1e292f4bc856543bf441d60953fb62bcc703e3405e4fe04b8e606886bb111c90867936d1db22a8f61060fedd59aeb8b6ac3f97bd57cf44a4bba33","ssdeep":"96:fiRi9nj8zm+RO0A/neYYgXA5jypLOKJTFg:KRaIzZRPSeYYgejypVXg","tlshash":"29a17c51322a6b23f44ff6b25c959fcd6bd10ac85c4e523c95af705cc286e8da9054ec","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-27T05:19:56.376469Z","times_seen":589,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":542,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=trezor.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.304Z","timestamp":1782349535304,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=trezor.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://trezor.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/trust_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.737Z","timestamp":1782349533737,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/trust_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-19e9\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6633,"size_decoded":6365,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"f15670e2fa664790560becb05302a51c","sha1":"836d223713db4da5ef9ac8b6caec385f06353e89","sha256":"521f3ca5ed42fce36af921fb2764ad5c75760b434563d11d960270a8bef55c6f","sha512":"8c075bcce1435d37d89a091faa4e1633f6c5d2fff6161e5ce530d71b10a837473ee04a2f39d0414c7d59c0b9f72d8df8fc5d2cfffb30244c3eb91c72ad7f994e","ssdeep":"96:KdRNpQK9Icf5SJRiL8ylpJq1eRuGTQhlLCFuP+QzIwPMFMbEIp:Kd3pQK9IchSJYL8ylLqQ/TCOgPCo","tlshash":"dbd18db43f431800c9e6fa705d6750672d9ba78894da689fe16d16af362ca11be3c831","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-27T10:15:41.523285Z","times_seen":713,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/gridplus.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.772Z","timestamp":1782349533772,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/gridplus.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2ee7\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12007,"size_decoded":11236,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"b370860671d254fa45fd1fb36ea88257","sha1":"7a638f30aff95cf63c8e61733112087712f79a22","sha256":"4853dd9d590e22630ff3b98a8c5a544cb7a27235676c6557b9a3134bc5eda6ef","sha512":"08e83af12f96d71e02f61ffe5121799c81315f71250ee0f2449f78402143a4eed0c62c47bf66bb92eefb5fe6c1610d031d6f2c58c1d93d8befe8a172e3d49a18","ssdeep":"192:0bbgXObk0URlbqiTdzV94C9uXRZdPSU6s1eM8LwxVL+D83HIoWf7i/ktNv3TTbsh:3yk0Ul1V9lGZdPgwbwwjLnXIoWf7i/kY","tlshash":"f2427b8b7293a033a1abd4314c967558264796a101e31b2c796d7f7fb33e98f1e83c25","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.597518Z","times_seen":850,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":564,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=slope.finance\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.693Z","timestamp":1782349535693,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://slope.finance\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: image/png\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nserver: sffe\r\ncontent-length: 726\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":726,"size_decoded":993,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"b8a0bf372c762e966cc99ede8682bc71","sha1":"2d7c9b60d1e2b4f4726141de2e4ab738110b9287","sha256":"59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64","sha512":"6883c7a3f702fb3df5e698333c8a05705970fcb476a31a2008444a02122b6870de158176c86a1f6605a0783b88d3523646b4d288696e777b37cc02d5d95266ca","ssdeep":"","tlshash":"fe0165e3a34595286b870a62f4b87082162a6ae560c3c09964e4ec6e1f05168e4e5e9c","first_seen":"2023-04-05T05:54:43Z","last_seen":"2026-06-29T20:53:15.240585Z","times_seen":7101,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/kyberswap.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.797Z","timestamp":1782349533797,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/kyberswap.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-24f7\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9463,"size_decoded":9648,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"84d8feebe781731aa6e08cdbdd7308a8","sha1":"4f38c77471524f83bae8137726c6d75f36b223fa","sha256":"5bba75448c46b95dffb78394b2e3597c94fa6e546d2eda6d8a81546ac77aebf6","sha512":"cb9e23f8d712bf6bd06726efb33b91ab03a751e5cf97bf2f440b11621e0ad749c12b5803bb0afe8bfc3b59516711372de0f700d4b86f48babbe9af212c2a6866","ssdeep":"192:vNvMPUwwVnAgDUb+5SboY9pm8myGZuyG+hDD9dfIP:hJwwSgD++wboY9p9D86KdC","tlshash":"2712afbeb703899eeb1cd1fc98b73016e3c3dd1b439c678f0da390298422a17561d995","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-27T10:15:41.463481Z","times_seen":561,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":544,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=bluewallet.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.351Z","timestamp":1782349535351,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=bluewallet.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://bluewallet.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/css/bootstrap.min1.css","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.687Z","timestamp":1782349533687,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/css/bootstrap.min1.css HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 23 Apr 2026 16:10:00 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ea4458-38aaf\"\r\nexpires: Thu, 25 Jun 2026 13:05:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":232111,"size_decoded":32186,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65342)","md5":"1b1cb0e2be9a21f091a87691f20c6300","sha1":"7575987f70ee5c91f6a0e771b38c6507e457ab61","sha256":"d85327d99c7a3ee1f9b5d0500d1370acea3ad2db39c163c2f51f232baedbdede","sha512":"d9b0500a3727c3ae7c2e1a389e55c971ce96915fd4c6913fb00a246d73f140d1aa98d750ad6aadc36e8db3d90517fc86efdda9291d52c7cfd8d4b7f55cde0628","ssdeep":"1536:i9NnXGi9GfJkfvq5wlP7cQZDR9uRV982sYRElV6V6pz600I41r:EnXp9GfVV98II6V6pz600I41r","tlshash":"123482d6f590317d9ca7c1499681fefd896fa985cb120aa6f003776807cabd30962dcc","first_seen":"2025-09-04T15:51:36.002152Z","last_seen":"2026-06-30T05:23:26.007655Z","times_seen":3734,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":486,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/infinito.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.775Z","timestamp":1782349533775,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/infinito.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-25c8\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9672,"size_decoded":8909,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 398x400, components 3","md5":"319a4e53a51ceba6ae824ed693002f84","sha1":"60b6e1e5cb3915e1987d70a551759a29087303fc","sha256":"3092ecd1ce7ffcbcb9fce2cd014089d9a634c28801ad584f95131eea56605df6","sha512":"eddf8c1a0bdfa0d6edc9a5733195ce965ca062b9b854b65f744f7157a2f7173cf0554114b40b3706a4b13efc129e32b63eda8da74f933e9cd74e8f65c98d6816","ssdeep":"192:8vtMi5Mi52zc3tPtfrDZpC8eEsfyzqV/+iF5ojb9yQ3+wYSC5x3I/yw:8vtMi5Mi5v3ttjXC8eDfyzTi09ydwYSB","tlshash":"ce12bf2cb64123c6cdb7d3bbb8adac3fb1a6599af8784d0d7707114422fde305151289","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-25T01:06:10.38688Z","times_seen":594,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":561,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/apple-touch-icon.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.374Z","timestamp":1782349535374,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/apple-touch-icon.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2876\"\r\nexpires: Sat, 25 Jul 2026 01:05:35 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10358,"size_decoded":10733,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"20eef9fface18b29d1498e540717bb1c","sha1":"b8cf8a59f64b686078e12892f392958d4366ee62","sha256":"fb0d6d57e66106b6f2ac0309c5ecccee99fd1ad725f34faed7296121362defc4","sha512":"87d5b86e01202cc3b75227877bbb3c6d1cd117ccc51426593c94ea41ccf02737345b1fe4e7bcfee4fbcffe188b76a7ceea8ada213c381b3ed78f379024f3003d","ssdeep":"192:de8C33dWTdUENDNMagCRpErEOS1EBbTIfzOXAYZ7iei99ZDhQfaoeDOELh:de8C3IdUERFjErjS12/IKAYJuhQ5Ih","tlshash":"ec22b0954486614218780302481c5410e72f7485ee6aea55c07ee026abfbfacdd87eef","first_seen":"2025-09-09T17:29:41.143381Z","last_seen":"2026-06-25T01:06:10.388084Z","times_seen":5,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=ethoswallet.xyz\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.341Z","timestamp":1782349535341,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=ethoswallet.xyz\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://ethoswallet.xyz\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 336\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":88,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=yoroi-wallet.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.358Z","timestamp":1782349535358,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=yoroi-wallet.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://yoroi-wallet.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 337\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=safe.global\u0026size=128","fqdn":"t1.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.707Z","timestamp":1782349535707,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://safe.global\u0026size=128 HTTP/1.1\r\nHost: t1.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://safe.global/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1736\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sun, 09 Jun 2024 01:04:37 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1736,"size_decoded":2535,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"acc9d322f5f6201c2c8937a134e878d1","sha1":"ea97d98bd595dd3180bb73a89adf834705c2ecea","sha256":"d2f190ccb24d33bfe9a8ad892fd7db7ce5386f78c4042b13702a41640de066fb","sha512":"21d415d047d5a83c8107d5a0d135a7148593595fbd8c44644057c12166e812d051668b4e4aaa15c632fcae7380a28d27376ac695bcc4844d2bae4c36d2f90673","ssdeep":"","tlshash":"6131f8b7a364e95ef84b00b29144916d9643afe7b4121148bc6f66310790be89137aae","first_seen":"2026-06-25T01:06:10.38921Z","last_seen":"2026-06-25T01:06:10.38921Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/crypto.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.763Z","timestamp":1782349533763,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/crypto.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-2a8c\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10892,"size_decoded":10511,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"af51356c02ac29ff62a6f193926d5284","sha1":"578c72abc285cc31f3f53995894dbd33b2798180","sha256":"78ac04d45d90c6b9861b6ccba310ed30d7d797fd962babefd4bb024d487284d5","sha512":"7bb6b88cb6e6326341102c4db2173cf0d241b65e7076f4d11021e119a8ee296271a615a6849c6a53e5896a3df59db065b891c80e689a3f3e173487fa98187be5","ssdeep":"192:Talqi4iMvB3A55tAdnGYR0QZAVuxD4M89DBmXhF0jq1FNqAmPZUB:ulj45v65tAXAVM4MuBmXYyePCB","tlshash":"8122aff3b93e2564f5d4ee72d5857a36463e4330389f148e95f323e15aa1d2888478d2","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T00:17:10.551457Z","times_seen":804,"resource_available":false,"data":null}},"time_used":572,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":572,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/bridge_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.779Z","timestamp":1782349533779,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/bridge_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1e2b\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7723,"size_decoded":7320,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"347c362cb102ada4b7d16da1f70d0951","sha1":"31a1f70768f1d78241e39406402f87130b8e2a2d","sha256":"6b803609b44c6c285f680931c98248ba3e089f93c1d32d8278006c42c7dc9493","sha512":"c152cd518aaa5ff3699cb59b00dcb1ffa175e1e704a43204562d36bf5b5104173038b92bc51ebbc0f95b36924077597399881a7b6b77bec8dc1e88738c2eccce","ssdeep":"192:V0sJHQXmCiwH3bngT0TEtC+lRZITAZhpFKOem6xrYEibGLdo1H:ZsmCbgyEtR3mADrpIw6Ldop","tlshash":"f1f18e737bbd2302d89ad73114ad4bbc0b2271719dd252fc3a9771935826b10ef271a9","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.608633Z","times_seen":654,"resource_available":false,"data":null}},"time_used":558,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":558,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/authereum.jpeg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.833Z","timestamp":1782349533833,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/authereum.jpeg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-313c\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12604,"size_decoded":11838,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"7ddc5ba26ef611fa3d9b266cf9699e6f","sha1":"2044dde2fa21f45da39f73be1289609b91878710","sha256":"7c23f5d02ab4100e9788e2c01e923ff0799a996c25c954c223c8d808ce0654e7","sha512":"d21eca0d633fce10f73ae553d215ffef5f0b9fc398aedfa5a66ee69887f7a476b87610fc404065994db0c0aefeb70a0fe96896fb6e22b8cc18c8168ad002486f","ssdeep":"384:b0tK/5F4LNqKBpzKHV9fAgQeMYmZXhYQ9cTceJpUYBWA:QC2/BwPvMYmleJ2A","tlshash":"8342cff7b935e5eded00d87639df7374a0062c6b26010a6f99d23a22691fe51311d27c","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.723148Z","times_seen":662,"resource_available":false,"data":null}},"time_used":510,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":510,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=onekey.so\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.307Z","timestamp":1782349535307,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=onekey.so\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://onekey.so\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=lace.io\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.884Z","timestamp":1782349535884,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://lace.io\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://www.lace.io/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1566\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Fri, 07 Aug 2026 13:05:52 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1566,"size_decoded":2365,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"3f58955c10e5604b849ab2b219db1626","sha1":"cb8715968fb01ead9b0f489325766a14cad51392","sha256":"47449f23db1982f8cff06cf1dafa4fa3e4a31dd491a05ee62c914895e0836a6b","sha512":"28d7deda3f0a6b41081ab4119335c2c7baefd6c7c7dda914fe46a92420e6add92e8a42fa5d61388239f975b38cc4c9ffc9797069fa83d0f7ec8ca9c1937674cc","ssdeep":"","tlshash":"7b31e7b0092c8de5ce662726d8105fa5aa50a2997f037341bed9e72d54c37846cce61e","first_seen":"2026-06-25T01:06:10.361855Z","last_seen":"2026-06-25T01:06:10.361855Z","times_seen":1,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=ethoswallet.xyz\u0026size=128","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.379Z","timestamp":1782349536379,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://ethoswallet.xyz\u0026size=128 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: image/png\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nserver: sffe\r\ncontent-length: 726\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":726,"size_decoded":993,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"b8a0bf372c762e966cc99ede8682bc71","sha1":"2d7c9b60d1e2b4f4726141de2e4ab738110b9287","sha256":"59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64","sha512":"6883c7a3f702fb3df5e698333c8a05705970fcb476a31a2008444a02122b6870de158176c86a1f6605a0783b88d3523646b4d288696e777b37cc02d5d95266ca","ssdeep":"","tlshash":"fe0165e3a34595286b870a62f4b87082162a6ae560c3c09964e4ec6e1f05168e4e5e9c","first_seen":"2023-04-05T05:54:43Z","last_seen":"2026-06-29T20:53:15.240585Z","times_seen":7101,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/coin98.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.762Z","timestamp":1782349533762,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/coin98.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-314c\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12620,"size_decoded":12418,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x399, components 3","md5":"c853c7334cb327be4e6d8d0ba7e56a63","sha1":"ff376e955dc008c41798d8bb003d6cbb7659ffbb","sha256":"4d20fa8823a9797faa93a7e0c9a61cf0fc1bacdc0549146acdfbde783284c4a8","sha512":"14330d10467faf1e6aa82381a14e98df96614e4c9650b79f15bf0c6db782ec5125c1fc4fb1564924df97e813bc6aa6ab38c9a71a800586400a45c1dc3e443492","ssdeep":"384:1bHN53JAsIxffcI120ayqieFgX8dyoO7k5:V73KrZZ2lyteFgT7e","tlshash":"b0429f07f90bb119fd58dbf3c8cb15bd3ba940395a024558a38726948be6006dc4eb9b","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-28T11:50:27.670452Z","times_seen":774,"resource_available":false,"data":null}},"time_used":573,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":573,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/trustee_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.788Z","timestamp":1782349533788,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/trustee_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-259f\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9631,"size_decoded":9141,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"5053513633960d52b22b7ada35c2be77","sha1":"d489998cf55f2bd8a18e15625bde018ef93cbabd","sha256":"da100c8001271aa0673900ad8cb38791ca36fa5d8070a34168b23ccbbd02af25","sha512":"2238f5114c143b0099595070948d441e8e1511bfafee9bf61acf86d2e13c781f323938b85cb4c83d08ea74cae82a2e0ee762bea98380602961281b51ecdef0ac","ssdeep":"192:0OfUZWfn5zS9fNqMsEnumMntIFQ/o3MDr5UCYsPKGaGQjNo:7fUIG9V5uRntIC/o8nCSSGAy","tlshash":"33129e3c77aea57299c0ed3f2ec1d6c8f99095f81cd5202f23e60599e55032c3e59ad4","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-27T05:19:56.388719Z","times_seen":414,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":549,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=secuxtech.com\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.332Z","timestamp":1782349535332,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=secuxtech.com\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t1.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://secuxtech.com\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 334\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=phoenix.acinq.co\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.354Z","timestamp":1782349535354,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=phoenix.acinq.co\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://phoenix.acinq.co\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 337\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=eternl.io\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.361Z","timestamp":1782349535361,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=eternl.io\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://eternl.io\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=zeusln.app\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.717Z","timestamp":1782349535717,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://zeusln.app\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/jpeg\r\ncontent-location: https://zeusln.com/favicon.ico\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 2802\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Mon, 12 Feb 2024 01:33:20 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":2802,"size_decoded":3601,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3","md5":"3f7d51743f83dcb0e607819a398a724c","sha1":"f61ab3c31846bafb37d046e2044a5d54d9ad1026","sha256":"b8bde8c8d3ede5829a4de28258a6ad0e441b9545b87c363769ba92b3923292d6","sha512":"f82394f5608e99186874092b9cd8195ee507c985433b8f2b49c50b037e1d2e6ca3d7859e395a19a8729b42ba809d844c0f073f8963f99a369c554494f31b1e6d","ssdeep":"","tlshash":"3051da1068514f62cadd027048d352eb6f07fa3a48059b62bcd362d01ae72bd78930da","first_seen":"2026-06-25T01:06:10.393607Z","last_seen":"2026-06-25T01:06:10.393607Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=tokenpocket.pro\u0026size=128","fqdn":"t0.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.726Z","timestamp":1782349535726,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://tokenpocket.pro\u0026size=128 HTTP/1.1\r\nHost: t0.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://www.tokenpocket.pro/favicon.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1119\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sun, 26 Oct 2025 12:40:27 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1119,"size_decoded":1946,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"df0415f6ab5d10ff579b9a8ce40a2d0c","sha1":"f8ccc6f65e9ba3759c6de7ef2380c3b71aeedd05","sha256":"516dbff0a8bb89786fcd519b28407b06142b498880ea2f50693d6c3c48e5424a","sha512":"57c3e49117af81976d2260c3a3e83be85bee0abbfb72492a375e867d6f4e965179ab781aa1deb853ef616a4587f6c42010b058dafa831884f8fe9bded9c54522","ssdeep":"","tlshash":"5321f95f52617f3ce00b8002fd4a022c796ec326118d958df4490c51ccff644542dc7a","first_seen":"2026-01-08T23:05:58.452127Z","last_seen":"2026-06-25T01:06:10.394471Z","times_seen":2,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t2.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=frame.sh\u0026size=128","fqdn":"t2.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.100","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.873Z","timestamp":1782349535873,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://frame.sh\u0026size=128 HTTP/1.1\r\nHost: t2.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://frame.nyc3.digitaloceanspaces.com/bundle/home/favicon.8f0e1342.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 709\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:35 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sun, 13 Aug 2023 09:58:29 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":709,"size_decoded":1550,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"cd2d42e552a3f4a96a8e2d20d8780b1a","sha1":"2b7dc78fdd2c28881fddd931d78f12b31be4b789","sha256":"45f8aa10c4c09da5bf93228e05ca54dd90c1fde98c5055f7de1d7be4aee8bac3","sha512":"9e9a751005487a0c26a9484807e880880daca2e3359dcb7ee287d16bf41b5b591da3131a00ac67cbbe237af6159012959b54603a9767fd64b00ee266ecd3e33a","ssdeep":"","tlshash":"cd0194922432a9badc508d7e3802ee328d15647c0089d888600ef8070a5df4eaf1ca4e","first_seen":"2026-05-05T10:13:08.215746Z","last_seen":"2026-06-25T01:06:10.397521Z","times_seen":2,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=coinhub.wallet.coinbase.com\u0026size=128","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.089Z","timestamp":1782349536089,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://coinhub.wallet.coinbase.com\u0026size=128 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\ncross-origin-resource-policy: cross-origin\r\ncontent-type: image/png\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nserver: sffe\r\ncontent-length: 726\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":726,"size_decoded":993,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"b8a0bf372c762e966cc99ede8682bc71","sha1":"2d7c9b60d1e2b4f4726141de2e4ab738110b9287","sha256":"59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64","sha512":"6883c7a3f702fb3df5e698333c8a05705970fcb476a31a2008444a02122b6870de158176c86a1f6605a0783b88d3523646b4d288696e777b37cc02d5d95266ca","ssdeep":"","tlshash":"fe0165e3a34595286b870a62f4b87082162a6ae560c3c09964e4ec6e1f05168e4e5e9c","first_seen":"2023-04-05T05:54:43Z","last_seen":"2026-06-29T20:53:15.240585Z","times_seen":7101,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/css/connect.css","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.695Z","timestamp":1782349533695,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/css/connect.css HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 23 Apr 2026 19:42:25 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69ea7621-2ac2\"\r\nexpires: Thu, 25 Jun 2026 13:05:33 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10946,"size_decoded":2588,"mime_type":"text/css","magic":"ASCII text","md5":"9a5cd674f04c8125732d1d3ecb87d82d","sha1":"12e79d1ece87971425c245d94cab44a56abc867c","sha256":"f60b36276d0b56006c718b4e2670eaa7f0b17948d985f6e4887c0a3ee4063eaf","sha512":"67231ceb6d8b1d9ba463112c4167f5761a9b367fc575454a4ccafd1d5b1c1413cdf73f66b76d057e262f861012a9e81535a641da047baabea88d78aac0151b85","ssdeep":"192:worF8nRotKPGngFLl40f1Lqbo4T+oUFFhcQRCHFYOH+DZK3F9qvz:wmF8nRrGngFLzf1ut+xFAQR4FYOeDE3M","tlshash":"54321f937dbd000131aee8b179dbafa662595173910ec9b87ef0206cdfc42d659e278c","first_seen":"2026-06-25T01:06:10.399657Z","last_seen":"2026-06-25T01:06:10.399657Z","times_seen":1,"resource_available":false,"data":null}},"time_used":480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/metamask.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.734Z","timestamp":1782349533734,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/metamask.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-25b1\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9649,"size_decoded":9247,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"51db991750e9db40fbdc7d0f30242022","sha1":"e6118446bcb9637df1a291e227b4568ecbb975b8","sha256":"8511e927da4ac9ec04a813dfd6048297ca51639520463b8d6a61ccafd81500cc","sha512":"e55f577d849f33e2905ab163289e216c3c13abd922d4219c5fd592567898d3fde46acc1e8d036aa13b8a60498be990c18c408e56dbb0a94763ec481fe6598433","ssdeep":"192:D8Jsuc1VNFgDBoP8/UmUBYrOzj+MKSbNEyv3I4R3Cj:D8JsuIPFgDBoOJvhSbKj","tlshash":"3f129e963750d722d09edef3278d202e2e1759b32416eb6e531b40d44c6e5a6e827c78","first_seen":"2023-05-01T21:31:16Z","last_seen":"2026-06-26T01:27:54.613696Z","times_seen":497,"resource_available":false,"data":null}},"time_used":599,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":599,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"www.google.com/s2/favicons?domain=petra.app\u0026sz=128","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.152.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:35.338Z","timestamp":1782349535338,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:36:19 GMT","end":"Mon, 17 Aug 2026 08:36:18 GMT"},"fingerprint":{"sha1":"29:88:63:13:7D:77:C4:B7:BD:5B:53:D3:3E:6F:29:37:9F:14:93:44","sha256":"E4:13:4C:BC:32:C0:C0:97:65:99:C6:84:AE:0B:6A:C8:49:B2:D7:55:46:D9:34:DF:DB:61:1F:A0:D9:A0:E9:CB"}}},"request":{"raw":"GET /s2/favicons?domain=petra.app\u0026sz=128 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 \r\nlocation: https://t0.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://petra.app\u0026size=128\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 25 Jun 2026 01:05:35 GMT\r\nexpires: Thu, 25 Jun 2026 01:35:35 GMT\r\ncache-control: public, max-age=1800\r\nserver: sffe\r\ncontent-length: 330\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T07:32:23.926072Z","times_seen":16850090,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/terra.png","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.748Z","timestamp":1782349533748,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/terra.png HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-ca11\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51729,"size_decoded":50372,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"78e77610540310b1b04946b810742ab5","sha1":"403738796b12262c61102b3855a6ad2fa448bc2e","sha256":"5300948c6ffb9ea2d517f372764a18b06888f941b5bc234df6c96f28d19c356b","sha512":"5697a3140745dd3f1a484bb106b7f906830af94ebd92d361f382a040f9101151458eaae924c5cba40f1e9aec004b3cbf1922b971ec0208329767b16cd6a32532","ssdeep":"768:jEQKdE93xYEDFPe5tno2VIJQNeP8XGZf+mQhwjHjKFLKkSaRw2kCMs93A0vw2In5:5jdiWVJZPNZfXAwjHj8RSu19jfIn5","tlshash":"3833e157917da4c2781bcf110df820e583793c9a8113756e3c1a51eb26c92f3aa7714f","first_seen":"2023-05-14T18:27:19Z","last_seen":"2026-06-25T01:06:10.402116Z","times_seen":168,"resource_available":false,"data":null}},"time_used":586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":586,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"walletsync.one/static/picture/atoken_wallet.jpg","fqdn":"walletsync.one","domain":"walletsync.one","tld":"one"},"ip":{"addr":"192.129.149.130","port":443,"asn":54290,"as":"HOSTWINDS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:33.798Z","timestamp":1782349533798,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.walletsync.one","organization":""},"issuer":{"commonName":"LiteSSL RSA CA 2025","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Tue, 23 Jun 2026 04:00:00 GMT","end":"Mon, 21 Sep 2026 03:59:59 GMT"},"fingerprint":{"sha1":"20:48:37:28:8C:51:0D:C7:E4:90:FF:7F:65:0D:2D:6A:2F:A5:53:67","sha256":"E8:45:A3:24:E8:A4:37:0F:19:B3:A3:13:04:32:91:26:14:A2:A4:3B:63:C9:78:DC:29:E0:48:C3:D9:4F:08:0A"}}},"request":{"raw":"GET /static/picture/atoken_wallet.jpg HTTP/1.1\r\nHost: walletsync.one\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/app.html\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: server_name_session=267f4129cc7a480570513e1e76747a99\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Thu, 25 Jun 2026 01:05:33 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 26 Feb 2025 08:21:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67becf1d-1a74\"\r\nexpires: Sat, 25 Jul 2026 01:05:33 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6772,"size_decoded":6745,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 400x400, components 3","md5":"9c57c0e2ec3176b7cababa8f05b5a604","sha1":"96fc6b70edee435b4c3aae29ffed43cf536f0e9b","sha256":"4989e81bf3bd85e60e9fb74a27bf360237bb0e0db53a7ff1aa7ab84b26b24af6","sha512":"62cab8c7b9107bcef9244c7a90b7b4db907ac66d187116eae7136737d258d494397b28e08a83c507db9d5f89d9e7f87cd7ee39ed3a2e3a5138d82423da10fe67","ssdeep":"96:o7qTk42sGoZZ62rbt0+iXlLVIY2mWceiHIuNZ08m4W6wVo7TVL/YVLd6lywoRoo5:4PsGI3NWlLVF2eIkZARw7R/YX6QJUgKy","tlshash":"cdd17e8a37d99f32bc49c4fea469e798af280117444c7c9fa3be6c834a916545ebc110","first_seen":"2023-04-30T19:28:18Z","last_seen":"2026-06-28T11:50:27.644909Z","times_seen":734,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":543,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"walletsync.one","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Generic Crypto/Wallet","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Generic Crypto/Wallet phishing","tags":["crypto","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"t3.gstatic.com/faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=novawallet.io\u0026size=128","fqdn":"t3.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://walletsync.one/app.html","date":"2026-06-25T01:05:36.377Z","timestamp":1782349536377,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /faviconV2?client=SOCIAL\u0026type=FAVICON\u0026fallback_opts=TYPE,SIZE,URL\u0026url=http://novawallet.io\u0026size=128 HTTP/1.1\r\nHost: t3.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://walletsync.one/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\ncontent-type: image/png\r\ncontent-location: https://framerusercontent.com/images/5oDmCClhr4cEF1G826jiiGO8.png\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"media-favicon\"\r\nreport-to: {\"group\":\"media-favicon\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/media-favicon\"}]}\r\ncontent-length: 1365\r\ndate: Thu, 25 Jun 2026 01:05:36 GMT\r\nexpires: Thu, 02 Jul 2026 01:05:36 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Sun, 21 Apr 2024 20:35:44 GMT\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1365,"size_decoded":2198,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"47b6a343de76319869dad7def26954ce","sha1":"e8eccc1feb23c60c2a322d55bf934671ab789c5d","sha256":"c199dcc04ab5b0c17e969db9877fec5312511b219fa9efa05cadb0e07f11f89e","sha512":"3641cc9498d38609831fba084fe86a96b68bfd443957ae629bd7b23777c0f9a9754ca33722e6e06fa7d55553e4059b23c2a42030f41b09d95c2a7753bd88eafd","ssdeep":"","tlshash":"0f212b9cedb4600fc7948f22a22ff4e1654164e92bf6840c077346d8e1005dc4b75833","first_seen":"2026-06-25T01:06:10.404473Z","last_seen":"2026-06-25T01:06:10.404473Z","times_seen":1,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}