| stepnconnectactivation.pages.dev/image/home-icon.png |  188.114.97.1 | 200 OK | 611 kB |
URL GET HTTP/3stepnconnectactivation.pages.dev/image/home-icon.png IP188.114.97.1:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectstepnconnectactivation.pages.dev Fingerprint20:88:62:DA:DA:09:F3:DB:3B:C0:19:CA:05:D7:5C:67:6B:B7:BD:DE ValidityWed, 17 Apr 2024 12:09:59 GMT - Tue, 16 Jul 2024 12:09:58 GMT
File typePNG image data, 957 x 789, 8-bit/color RGBA, non-interlaced Size611 kB (610658 bytes) Hash45fbc0b7d904f6dd0d0239c673d7d363 db312e05bcd7ed1a8a3dd8de30e9c75a247e51e7 b02638d5695201a20a4fc8c2857fb5a37044b82a07034dd28fa1b4172ff5e902
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other |
GET /image/home-icon.png HTTP/1.1
Host: stepnconnectactivation.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stepnconnectactivation.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:23:37 GMT
content-type: image/png
content-length: 610658
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "97b36e421bd19e8b82f55489aceb1cfc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hzAc%2BIM94hNr0YzLL1I5pmVqp9I4VKwtqSJ7CwSSYR09U7CcZ6PM%2FE%2FOAsYIj4VWym2EFPPpsqvyuz2RNqiABS8Hjz9MQ%2B8UrXJAq694sIg0tSiHh68DZumsevtmtx4%2Ba68gAJOTzerCPgUK3CEfb58C0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762394fbbe6712a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| stepnconnectactivation.pages.dev/cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/css/bootstrap.min.css | 188.114.97.1 | 200 OK | 25 kB |
URL GET HTTP/3stepnconnectactivation.pages.dev/cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/css/bootstrap.min.css IP188.114.97.1:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectstepnconnectactivation.pages.dev Fingerprint20:88:62:DA:DA:09:F3:DB:3B:C0:19:CA:05:D7:5C:67:6B:B7:BD:DE ValidityWed, 17 Apr 2024 12:09:59 GMT - Tue, 16 Jul 2024 12:09:58 GMT
File typeHTML document, ASCII text Hash67fd40dfac47ba1764eb86bedeccc5e0 09017d860a0fe6e788c8ddce152f501fa283264d df494e42773ecd3bed21f338328cff3d0ce3aa6a284aacce01b250628d9dd7fa
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other |
GET /cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/css/bootstrap.min.css HTTP/1.1
Host: stepnconnectactivation.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:23:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3afab98fa19f841363a832880dee8371"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UGRllY3BLUfrczjZexfAhZQewkkn7U%2BLwVuStTMgCOlqPJeoxdAUoZXN20ceegKULs30Go33KZi8%2FT69uW0Ai0HRssguOp5Nb2rH%2BFwtEgRx8dXc8Wc5JrxmVWhEs4uZhhwTbmqH5kglXYz1kEmiW2NMLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762394fbbe3712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 |  216.58.207.227 | 200 OK | 23 kB |
URL GET HTTP/2fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP216.58.207.227:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0 Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stepnconnectactivation.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 02:02:47 GMT
expires: Wed, 16 Apr 2025 02:02:47 GMT
cache-control: public, max-age=31536000
age: 184850
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stepnconnectactivation.pages.dev/walletconnect.com/favicon.ico | 188.114.97.1 | 200 OK | 3.4 kB |
URL GET HTTP/3stepnconnectactivation.pages.dev/walletconnect.com/favicon.ico IP188.114.97.1:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectstepnconnectactivation.pages.dev Fingerprint20:88:62:DA:DA:09:F3:DB:3B:C0:19:CA:05:D7:5C:67:6B:B7:BD:DE ValidityWed, 17 Apr 2024 12:09:59 GMT - Tue, 16 Jul 2024 12:09:58 GMT
File typeHTML document, ASCII text, with very long lines (3555), with no line terminators Hashe384e0c2856ced2abf70be1d008bbb7e 05ea57cb55268a817074624c4c27aa68ffbdd707 79145d9faeb3a05a1623a3a1978558784bcfe1844fe27255868a8b5811a59b43
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other |
GET /walletconnect.com/favicon.ico HTTP/1.1
Host: stepnconnectactivation.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stepnconnectactivation.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:23:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3afab98fa19f841363a832880dee8371"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIEYYEPgEGA0zVUCe7aTP4Qd7q4VeXZffGTThx%2BQIO0eXz6AmJnjSkQa2o0nIivvM6DCVUfwtNQcvzAX1mUzcmrqxt2CzZaQYUBlx%2B6XhV%2Fjdn6k6L4ST2i06omYBNawn7uhpXTe9P%2Fu8p4TLOTZBxxN3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876239519dc7712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stepnconnectactivation.pages.dev/ | 188.114.97.1 | 200 OK | 3.4 kB |
URL User Request GET HTTP/2stepnconnectactivation.pages.dev/ IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectstepnconnectactivation.pages.dev Fingerprint20:88:62:DA:DA:09:F3:DB:3B:C0:19:CA:05:D7:5C:67:6B:B7:BD:DE ValidityWed, 17 Apr 2024 12:09:59 GMT - Tue, 16 Jul 2024 12:09:58 GMT
File typeHTML document, ASCII text, with very long lines (3555), with no line terminators Hashe384e0c2856ced2abf70be1d008bbb7e 05ea57cb55268a817074624c4c27aa68ffbdd707 79145d9faeb3a05a1623a3a1978558784bcfe1844fe27255868a8b5811a59b43
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other |
GET / HTTP/1.1
Host: stepnconnectactivation.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:23:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3afab98fa19f841363a832880dee8371"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GH8CtzZiMLi7liHtUH%2FMFQPhatwg6VKlkJK6TcGTugEQaajRI%2FlbOlMrsGeExPWh0XvH75PMjgr2P8u0o1FW771%2ByY3blDXTO8pfmzKdkN8qQWBBegYtWdz4D%2BQgToue9J0A0F54X%2BeJe3q3rqbiMs%2Bf8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762394d8fcab4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stepnconnectactivation.pages.dev/cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 188.114.97.1 | 200 OK | 0 B |
URL GET HTTP/3stepnconnectactivation.pages.dev/cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP188.114.97.1:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectstepnconnectactivation.pages.dev Fingerprint20:88:62:DA:DA:09:F3:DB:3B:C0:19:CA:05:D7:5C:67:6B:B7:BD:DE ValidityWed, 17 Apr 2024 12:09:59 GMT - Tue, 16 Jul 2024 12:09:58 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other |
GET /cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: stepnconnectactivation.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:23:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3afab98fa19f841363a832880dee8371"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJ9mH135X6bJcsm19QRak7duEqKl483eVxg5UaDapFIad42Q6xtAYovwfjvakh0xW2PdbgbTYWnG92UqNNkDkKvI1DmTsavSPwZjHC%2FD8xa2aUBI2X7vomRFwxHwYogjn6K4T5IK1iWRL1Bs5tOxXKvHRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762394fbbe8712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stepnconnectactivation.pages.dev/cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.bundle.min.js | 188.114.97.1 | 200 OK | 0 B |
URL GET HTTP/3stepnconnectactivation.pages.dev/cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.bundle.min.js IP188.114.97.1:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectstepnconnectactivation.pages.dev Fingerprint20:88:62:DA:DA:09:F3:DB:3B:C0:19:CA:05:D7:5C:67:6B:B7:BD:DE ValidityWed, 17 Apr 2024 12:09:59 GMT - Tue, 16 Jul 2024 12:09:58 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other |
GET /cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/js/bootstrap.bundle.min.js HTTP/1.1
Host: stepnconnectactivation.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:23:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3afab98fa19f841363a832880dee8371"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGgWiLSr%2BAD2wT6bZQwOZzVhqohoL9AMvq7MgxuIDSeC7%2B0NkL2ReUixqYZitmImQX8Tnk29l%2Btax9tFqiFWXsrS0qO%2B7ApPhNKFsZyxRuG5vv5iCS2LwtzWnRqZjIG0qBaOVCCdDbOFwNRGy3wa8aGisQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762394fbbea712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap | 142.250.74.106 | 200 OK | 2.2 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap IP142.250.74.106:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (2215), with no line terminators Hashc479791b0cc366ddbd541c57780f90ad 27335692fe86c20d2c523b43e6ddbf3d3420f0e1 e77e641746ebcc0b6582674b938fdb3c18e44377b17f89fbad27b535b62e6515
GET /css2?family=Lato:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stepnconnectactivation.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 05:23:37 GMT
date: Thu, 18 Apr 2024 05:23:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap | 142.250.74.106 | 200 OK | 2.3 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap IP142.250.74.106:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (2358), with no line terminators Hashd2d6e5988f0641e2a9d5625333d58a9d 3e494c4085e5a006e66b0ee3ff906cf57aa3af6b 9951da12a97ce6390ac2d93f3816b4c1e35dff48df1a7b12462ac182bc42fa59
GET /css2?family=DM+Sans:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stepnconnectactivation.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 05:23:37 GMT
date: Thu, 18 Apr 2024 05:23:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.227 | 200 OK | 24 kB |
URL GET HTTP/2fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 IP216.58.207.227:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0 Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://stepnconnectactivation.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:21:46 GMT
expires: Fri, 11 Apr 2025 17:21:46 GMT
cache-control: public, max-age=31536000
age: 561711
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stepnconnectactivation.pages.dev/css/main.css | 188.114.97.1 | 200 OK | 3.2 kB |
URL GET HTTP/3stepnconnectactivation.pages.dev/css/main.css IP188.114.97.1:443
Requested byhttps://stepnconnectactivation.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectstepnconnectactivation.pages.dev Fingerprint20:88:62:DA:DA:09:F3:DB:3B:C0:19:CA:05:D7:5C:67:6B:B7:BD:DE ValidityWed, 17 Apr 2024 12:09:59 GMT - Tue, 16 Jul 2024 12:09:58 GMT
File typeASCII text, with very long lines (3447), with no line terminators Hashf77a6bf0425ab7147c69be32a63651e9 898fa599c7a3a6c6c0b791683bf09a4f3c8554c6 9f6e3bc2c53b2ba024255edd6d771795a3b774e54ce0f7dbc59ede1e25c24661
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Crypto/Wallet | | PhishTank | phishing | Other |
GET /css/main.css HTTP/1.1
Host: stepnconnectactivation.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://stepnconnectactivation.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:23:37 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7a41ef37a8177999666e337c5221ce55"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nGIpb4r3IeW%2FcTlTzKuteaLz6extRYzykDHamy163TIXhzzsi1qfE6MJZpsERA7VpOEPJy%2BO9HbnCBZWJ0Is9aRN%2BmjVcqCUYiJdEzLHo3ks57jR2AoCzoktik0395zYFbMcnMasV5WyLkuMK3OQsmxSEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762394fbbe5712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|