wallet-confirmation.pages.dev
2606:4700:310c::ac42:2d18  Malicious Activity! Public Scan

URL: https://wallet-confirmation.pages.dev/page/wallet
Submission: On November 19 via api from LU — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 13 HTTP transactions. The main IP is 2606:4700:310c::ac42:2d18, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is wallet-confirmation.pages.dev.
TLS certificate: Issued by WE1 on November 2nd 2024. Valid for: 3 months.
This is the only time wallet-confirmation.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 14 2606:4700:310... 13335 (CLOUDFLAR...)
13 2

Apex Domain Subdomains Transfer
14 pages.dev wallet-confirmation.pages.dev 591 KB
13 1

Domain Requested by
14 wallet-confirmation.pages.dev 1 redirects wallet-confirmation.pages.dev
13 1

This site contains no links.

Subject Issuer Validity Valid
wallet-confirmation.pages.dev WE1 2024-11-02 - 2025-01-31 3 months

This page contains 1 frames:

Primary Page: https://wallet-confirmation.pages.dev/page/wallet
Frame ID: BB49878A299ED2C623956A410B14F729
Requests: 14 HTTP requests in this frame

Page Title

Secured Wallet Validator

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

13 Requests
100 % HTTPS
100 % IPv6
1 Domains
1 Subdomains
2 IPs
1 Countries
591 kB Transfer
649 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wallet-confirmation.pages.dev/page/wallet Page URL
  2. https://wallet-confirmation.pages.dev/cdn-cgi/phish-bypass?atok=P4FJmqTMoJ8DVYitemMpKrO6ilVAXpz97ub986dXy60-1732014159-0.0.1.1-%2Fpage%2Fwallet HTTP 301
    https://wallet-confirmation.pages.dev/page/wallet Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
wallet
wallet-confirmation.pages.dev/page/
4 KB
2 KB
Document
General
Full URL
https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0f801e5ec94d2b347e0e0bd340335bc66610c1a4175fdd4b8ee48c55462d77
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36

Response headers

cf-ray
8e4fb590ddbf30e7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 19 Nov 2024 11:02:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cFq6Y31vfT98BvrHJAUhbA5BxytuIfSVTCkrdn04TiKCjEbdryKwhoBkwhP0KTu3NcMpMhzhTJNN4Puta4yMx83hVgKGGbwK1kFPROyXUdwLhhwLZBCp1DHjXB%2BbvT7jL%2B%2FVy%2BGIVmAqhwZ40PAK%2B2Qx%2B2o5J44zv0%2BNg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
wallet-confirmation.pages.dev/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://wallet-confirmation.pages.dev/cdn-cgi/styles/cf.errors.css
Requested by
Host: wallet-confirmation.pages.dev
URL: https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"67379e96-5df3"
x-content-type-options
nosniff
cf-ray
8e4fb592ef7d30e7-FRA
expires
Tue, 19 Nov 2024 13:02:39 GMT
date
Tue, 19 Nov 2024 11:02:39 GMT
content-type
text/css
last-modified
Fri, 15 Nov 2024 19:18:46 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
wallet-confirmation.pages.dev/cdn-cgi/images/
452 B
635 B
Image
General
Full URL
https://wallet-confirmation.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: wallet-confirmation.pages.dev
URL: https://wallet-confirmation.pages.dev/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"67379e96-1c4"
x-content-type-options
nosniff
cf-ray
8e4fb598bc9330e7-FRA
expires
Tue, 19 Nov 2024 13:02:40 GMT
accept-ranges
bytes
content-length
452
date
Tue, 19 Nov 2024 11:02:40 GMT
content-type
image/png
last-modified
Fri, 15 Nov 2024 19:18:46 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
wallet-confirmation.pages.dev/
12 KB
6 KB
Other
General
Full URL
https://wallet-confirmation.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bca56e0a540555822b7720cd221f0a2bfbddd8c7b446be051c6008de2044cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwFwcl14%2FTk1eqKn%2FVAxMho6I0C%2Fl0LsOqz0IwHykyvXfWEGjF8cSRSzehK6WgYWUDY5DMEOAHzeoqbtN83JNWoAtC1ZjSsrtdhWriUR%2B378jDEdV%2Fq8rISs5TuB1qIjmGgbI93KiYiXSE6HpqldZMukcXnryVvJhxdK9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e4fb59bdff630e7-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28182&sent=25&recv=19&lost=0&retrans=0&sent_bytes=12121&recv_bytes=6203&delivery_rate=29517&cwnd=12000&unsent_bytes=0&cid=28ed3ac997c47b26&ts=2363&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 11:02:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
Primary Request wallet
wallet-confirmation.pages.dev/page/
Redirect Chain
  • https://wallet-confirmation.pages.dev/cdn-cgi/phish-bypass?atok=P4FJmqTMoJ8DVYitemMpKrO6ilVAXpz97ub986dXy60-1732014159-0.0.1.1-%2Fpage%2Fwallet
  • https://wallet-confirmation.pages.dev/page/wallet
15 KB
7 KB
Document
General
Full URL
https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5113de6d52da2f51d31245d9a9664436353dcca4265039baab31e7f0b6c2ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wallet-confirmation.pages.dev/page/wallet
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8e4fb5b1fcfb30e7-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 19 Nov 2024 11:02:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QTVLo5axv49RvEJj4IQXHBsCM38okj40gshkU92WOXWJPwnQnAt1TWgMbrKaX2cKyB%2FgIyfTAhfJOZZhu5fFQvZlvHfsHQddJlxcmThR1xxnpHcDxZiKXCOI7PrGon6idgDMEjd4hupYwSrPoRlc60GZPyO2rmXc4PwDSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=28147&sent=37&recv=28&lost=1&retrans=0&sent_bytes=19162&recv_bytes=7542&delivery_rate=629&cwnd=12000&unsent_bytes=0&cid=28ed3ac997c47b26&ts=5786&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

cache-control
private, no-cache
cf-ray
8e4fb5b1bcd530e7-FRA
content-length
167
content-type
text/html
date
Tue, 19 Nov 2024 11:02:44 GMT
location
https://wallet-confirmation.pages.dev/page/wallet
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
index.a537b022.js.download
wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/
71 KB
72 KB
Script
General
Full URL
https://wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/index.a537b022.js.download
Requested by
Host: wallet-confirmation.pages.dev
URL: https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fb4fc02cd84a1e8684409fa27655762d0a5ceb7ee15cd82eb7dd930c0341bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Origin
https://wallet-confirmation.pages.dev
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"f56a014c34a8ce1ac61490323d409cb2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kiLbuGXi738ZnFR44otfY%2BllCYA4lr%2Be2s138UYSO1cgW1HqbG8x%2F9b9QvhEIyp5oxn%2BVqC%2BOE7HDAsQwEqdiAv%2FRrcDkqhbZ1ITs7I%2B63JYZJRkt0fJxhKTm10iTL%2FhIVsfyB4jQIY5EK6qE%2BBaqrnd%2BgAFS%2BjeWSTflg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e4fb5b42f0c30e7-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
73093
server-timing
cfL4;desc="?proto=QUIC&rtt=24686&sent=65&recv=48&lost=1&retrans=0&sent_bytes=44358&recv_bytes=11420&delivery_rate=43634&cwnd=22800&unsent_bytes=0&cid=28ed3ac997c47b26&ts=6406&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 11:02:45 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
index.414052a5.css
wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/
9 KB
3 KB
Stylesheet
General
Full URL
https://wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/index.414052a5.css
Requested by
Host: wallet-confirmation.pages.dev
URL: https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414052a5d40abc648bfcd0beb709d5b677dd05860cd54d97e8cf2719682594c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

content-encoding
br
etag
W/"3d8aa2979bbaaf245beacd41130266a1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jX0oN57ID6Pjz5K6UA7wtMFUz9e3PmaFYc5rqr4k5CPjVKsVRr8ww1Hq7IW2T4F6II0zKqtGL7FlAuFyITk2XSVjlz9T8LNU2cjMfHpySr9kx7Jq0A1Y5lZiOp92zVnlOK9kKrZVXayC%2F1q6QL0Wptb7VhGkrIBlWrmt1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28846&sent=48&recv=39&lost=1&retrans=0&sent_bytes=26515&recv_bytes=11032&delivery_rate=245707&cwnd=12000&unsent_bytes=0&cid=28ed3ac997c47b26&ts=6116&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 11:02:45 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e4fb5b42f0e30e7-FRA
access-control-allow-origin
*
server
cloudflare
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
103fb72c718529d9de4b4f5642a1fa6811adc8431f7f3990ace6d1d8661b0d37

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer

Response headers

Content-Type
image/png
validtopimg.9ec8b40f.png
wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/
120 KB
121 KB
Image
General
Full URL
https://wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/validtopimg.9ec8b40f.png
Requested by
Host: wallet-confirmation.pages.dev
URL: https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ec8b40f19b5a0c8904be975d24c6780f00f3776756dd096075806cc30a482e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

etag
"69adca428e4ddea281f2aeaf2e796127"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Opk2%2BbMi7mIctOtKC2NgFqwMJC82ryfTXuQpN12xFAv44YTDchUGB61cfB9FjMi9We%2FW9lnqsNrRY6%2BLbjbMvnRbYTZQBnJbJY8EdPi6wsYBmfWoRV2q%2BLFk9quWH5FM4nOcPniG0oGcD9Iq0c5wwYD4F%2FeEV9BUV%2BzC2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21061&sent=522&recv=112&lost=82&retrans=81&sent_bytes=587927&recv_bytes=14337&delivery_rate=2139567&cwnd=70080&unsent_bytes=0&cid=28ed3ac997c47b26&ts=6722&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 11:02:45 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e4fb5b43f1e30e7-FRA
access-control-allow-origin
*
content-length
123079
server
cloudflare
illustration.20e47956.svg
wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/
13 KB
3 KB
Image
General
Full URL
https://wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/illustration.20e47956.svg
Requested by
Host: wallet-confirmation.pages.dev
URL: https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20e47956bb60bca4ec740ca1c72b12bf8749aa69da0c8e0614d597e23de758f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

content-encoding
br
etag
W/"da2f87c0e04c36cbb2ccb5f6a51b195f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJVY1gP%2Fs4H4OrcDpDYmIstR14gmZYWZq6VPfd3MGNnDKcuWZyb%2F5f%2BhALu7iV0UR8oSiKPRXS47e4sKQ9PV%2FJ8eePV4i4QviZhc%2FJ3xre%2F%2BDapF0O%2BZFDV5cNFyAmUsqMX9dr2o%2FsMjp%2FGYj1YuvbMab%2BB2Y9XPDn%2Br5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29390&sent=51&recv=41&lost=1&retrans=0&sent_bytes=29660&recv_bytes=11119&delivery_rate=12220&cwnd=12000&unsent_bytes=0&cid=28ed3ac997c47b26&ts=6236&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 11:02:45 GMT
content-type
image/svg+xml
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e4fb5b44f2d30e7-FRA
access-control-allow-origin
*
server
cloudflare
Crypto-portfolio-rafiki.90319317.png
wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/
206 KB
207 KB
Image
General
Full URL
https://wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/Crypto-portfolio-rafiki.90319317.png
Requested by
Host: wallet-confirmation.pages.dev
URL: https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90319317db1ed52e2bed3250e7b112f36a3a747fadc70404c029ce3f19a56b32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

etag
"b2dbc4a31ed910c4ee48edcede588b70"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YocbOD8462eamxCaEO6QvuCsAiJ9CxlTcQpVg9Yscxdsc3LRjZS4RV9GNpgxaBr9DcSlEuowXzdiNMclC9ADj2VtTUPRK8b2k8miZeKbGrszqXaFrocstubwjhChhDFG0Mg4HxEAYQRW23FEBP1eBdCPVH3AV7Vku%2Fgdw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22275&sent=339&recv=93&lost=82&retrans=81&sent_bytes=371639&recv_bytes=13452&delivery_rate=1965920&cwnd=68880&unsent_bytes=0&cid=28ed3ac997c47b26&ts=6594&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 11:02:45 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e4fb5b44f2f30e7-FRA
access-control-allow-origin
*
content-length
210804
server
cloudflare
My-password-rafiki.a35441f9.png
wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/
147 KB
148 KB
Image
General
Full URL
https://wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/My-password-rafiki.a35441f9.png
Requested by
Host: wallet-confirmation.pages.dev
URL: https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a35441f9603f86eb1610eb53af327c963a6fd51a6b8dcd24d77087a0073dbd42
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

etag
"3bc5bbb842b40003d78ba1c04108846d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYBw3gcjc6KTod8EP%2By21uOWVqkCGZhxYRbSlpaxMXy57K9ZnH6edEOSwQUqKJ8VNxrhYKTquXMuyqiiW86ljUB6Lf3XxWkCxRDQS1N509y%2B156vM9A7HVcjH%2F7fAj7eLHgHaWViFkmzEMuwlUSEFS0xJ4VdF5IMwuVz2g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20575&sent=128&recv=72&lost=1&retrans=0&sent_bytes=119811&recv_bytes=12482&delivery_rate=1981471&cwnd=49200&unsent_bytes=0&cid=28ed3ac997c47b26&ts=6497&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 11:02:45 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e4fb5b44f3030e7-FRA
access-control-allow-origin
*
content-length
150527
server
cloudflare
Relaxing-at-home-rafiki.3f412216.png
wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/
11 KB
11 KB
Image
General
Full URL
https://wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/Relaxing-at-home-rafiki.3f412216.png
Requested by
Host: wallet-confirmation.pages.dev
URL: https://wallet-confirmation.pages.dev/page/wallet
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4122164b0c8afd59d1f66d47cfcbcec78fd4f424ca28b57f6b8feb4d597789
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

etag
"e01ba4e86cd9118dc88555126aca32a2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBjOGJr%2FXZm7ZH59iOoFH7o9EzkRUdihOgKtTUrihRP6nI4OVH%2FCWu9trBHIk8mo7HxyB9m1bkYSr6InNh6XOJmZFhgmgXXD9QZvFYEX8ZIP74Sx0PUta942fMcMgxGJF76Ma5tYh%2BgmbBsE8V9Hrrl0tMZOQ1uQgNfwaw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29218&sent=54&recv=42&lost=1&retrans=0&sent_bytes=32625&recv_bytes=11162&delivery_rate=85656&cwnd=12000&unsent_bytes=0&cid=28ed3ac997c47b26&ts=6266&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 11:02:45 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e4fb5b44f3130e7-FRA
access-control-allow-origin
*
content-length
10761
server
cloudflare
favicon.ico
wallet-confirmation.pages.dev/
12 KB
6 KB
Other
General
Full URL
https://wallet-confirmation.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2d18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bca56e0a540555822b7720cd221f0a2bfbddd8c7b446be051c6008de2044cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer
https://wallet-confirmation.pages.dev/page/wallet

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CSXz2wrRyazxjsbZnE04E9SJ8VwEYl8E5VUNvBzzkfi5bl1BVVSn9hwKxD7bqzGAMcf6ZD6kzDCbl4CjCFCuZ%2BgsLM3e8v9JNR3TLdrWbJFPobG3ExJfoSJOo7UOAFEcBeSFaA8A8n072rnrT6O%2B9tInf5xqeX%2Faj51nhg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e4fb5bb9ea330e7-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28112&sent=631&recv=125&lost=82&retrans=81&sent_bytes=714551&recv_bytes=15334&delivery_rate=2036502&cwnd=71280&unsent_bytes=0&cid=28ed3ac997c47b26&ts=7100&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 19 Nov 2024 11:02:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
.wallet-confirmation.pages.dev/ Name: __cf_mw_byp
Value: P4FJmqTMoJ8DVYitemMpKrO6ilVAXpz97ub986dXy60-1732014159-0.0.1.1-/page/wallet

2 Console Messages

Source: network
Level: error
URL: https://wallet-confirmation.pages.dev/page/wallet
Message: Failed to load resource: the server responded with a status of 403 ()

Source: javascript
Level: error
URL: https://wallet-confirmation.pages.dev/page/Secured%20Wallet%20Validator_files/index.a537b022.js.download
Message: Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "". Strict MIME type checking is enforced for module scripts per HTML spec.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN