urlscan.io logo urlscan.io
SecurityTrails logo

remws.gr Open in urlscan Pro
2606:4700:3031::ac43:d2db  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://remws.gr/blockchainwalletrecover/
Submission: On March 05 via manual from GH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3031::ac43:d2db, located in United States and belongs to CLOUDFLARENET, US. The main domain is remws.gr.
TLS certificate: Issued by E1 on February 24th 2024. Valid for: 3 months.
This is the only time remws.gr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Blockchain (Crypto Exchange)

Domain & IP information

IP Address AS Autonomous System
1 8 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.16.29.98 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
23 7
8    2606:4700:3031::ac43:d2db (United States)

ASN13335 (CLOUDFLARENET, US)
remws.gr
7    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    104.16.29.98 (None, )

ASN13335 (CLOUDFLARENET, US)
login.blockchain.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
466 KB
8 remws.gr
remws.gr
13 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
31 KB
2 blockchain.com
login.blockchain.com — Cisco Umbrella Rank: 367857
31 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
100 KB
23 5
Domain Requested by
8 remws.gr 1 redirects remws.gr
7 www.gstatic.com remws.gr
www.google.com
www.gstatic.com
3 www.google.com remws.gr
www.gstatic.com
2 login.blockchain.com remws.gr
1 fonts.gstatic.com www.google.com
1 www.googletagmanager.com remws.gr
23 6

This site contains links to these domains. Also see Links.

Domain
support.blockchain.com
github.com
Subject Issuer Validity Valid
remws.gr
E1		 2024-02-24 -
2024-05-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.blockchain.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-12 -
2024-11-05		 a year crt.sh

This page contains 4 frames:

Primary Page: https://remws.gr/blockchainwalletrecover/
Frame ID: 2ED488F5FAD60D2CA25B8B454A1BAA76
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU&co=aHR0cHM6Ly9sb2dpbi5ibG9ja2NoYWluLmNvbTo0NDM.&hl=ru&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=a34hevnczymf
Frame ID: C4F30A18BFFCAB33B66225F5373F9E98
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU&co=aHR0cHM6Ly9yZW13cy5ncjo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=wvw8tihv9fdh
Frame ID: 1C169361368B565969958CD98F32D06E
Requests: 5 HTTP requests in this frame

Frame: https://remws.gr/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Frame ID: 12200C181595B26FBCB0378FA47057BF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Blockchain.com | Recover

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

23
Requests

87 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

7
IPs

3
Countries

641 kB
Transfer

1572 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://remws.gr/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://remws.gr/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
remws.gr/blockchainwalletrecover/ 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://remws.gr/blockchainwalletrecover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.16 PleskLin
Resource Hash
9f226867cfd6fa73691c2672a0292a4888fab8b7cbae9a6d233065599ee69743

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85fcb48e78781c7f-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 05 Mar 2024 20:02:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gB3I5UR3ey1zP87r7gGHm5Rv3eiOOruy9jXrkNr74p65DUQtSStbZkGFv3ojNM1L0FzqnJ79qtPTdxtkScBuPH6sTMd%2F6duOI%2FzUetJreIJrCM%2FYM%2FsaiECkaYomJFXXUFDZgjuSZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status
BYPASS
x-powered-by
PHP/8.2.16 PleskLin
style.css
remws.gr/blockchainwalletrecover/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://remws.gr/blockchainwalletrecover/style.css
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5f823aa8dfc4fc4c88fdcd07228b3a6685194bb325ab2f4504a38e0b8ff73da2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://remws.gr/blockchainwalletrecover/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 20:02:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Mar 2024 17:29:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e7567a-322a"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZJQ0IgJY%2FtKli4pSEeA%2Bfg7YaJ8JRBjJNCtnQXS8nu%2BUNIwL2S6T5lsh7EOLb13l1qGMrA0DLoGr2bcbf89Bt1flwuRwkh5OvGk%2B7mW5sziySHCUf4mTBmSi7VnfyRdXiItelAezg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
85fcb48ee9451c7f-FRA
alt-svc
h3=":443"; ma=86400
recaptcha__ru.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__ru.js
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://remws.gr/
Origin
https://remws.gr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 20:02:43 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1621
x-xss-protection
0
runtime.c19ecdb9.js
remws.gr/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://remws.gr/runtime.c19ecdb9.js
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.16
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://remws.gr/blockchainwalletrecover/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Tue, 05 Mar 2024 20:02:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeOrzh%2FRRJigPRxpD%2BaYLV2AZauCL93A%2BWqnri%2B9HS2RKE8wgfga%2F85UFNr26Jxx3vfe6cMIAyrbU9D0xfqVrZ94Mz0AujVLbBwMy%2F41VCyaz1lmX1LXTYxzmsUxzToCwxxkNaJ%2BhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
85fcb48f48d639c4-FRA
link
<https://remws.gr/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
app.c19ecdb9.js
remws.gr/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://remws.gr/app.c19ecdb9.js
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.16
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://remws.gr/blockchainwalletrecover/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

cf-edge-cache
cache,platform=wordpress
date
Tue, 05 Mar 2024 20:02:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.16
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrYuXWgPUgRDl0B21jFmDra7%2FGlEpW2YTYp%2BgqkdWvRRTfzX%2F6P3xxB%2BPY%2F2n6ujyEoApL0PX3j%2F4JqSuW%2FOZIbAjq6dtZ7XI6hizW7hvrL6htXxLvy3WT676pWAeouEF2iAn%2Bao%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
85fcb48f48da39c4-FRA
link
<https://remws.gr/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
gtm.js
www.googletagmanager.com/ 		289 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KK99TPJ
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c0fafe4868d5ba3a78dbc06b705e62f4cf1d0e05663ce8a846844f89fa60d54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://remws.gr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 20:02:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101548
x-xss-protection
0
last-modified
Tue, 05 Mar 2024 18:29:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Mar 2024 20:02:43 GMT
enterprise.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8ce683b80af45289bc391673623770bd750025dd924d052591e670e59c5af55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://remws.gr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 20:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 05 Mar 2024 20:02:43 GMT
bc-logo.svg
login.blockchain.com/img/ 		6 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.blockchain.com/img/bc-logo.svg?91c7840afd
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.29.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6fdd6df66992c94ee619a7d602b16fcd06ae091df353643df482b89883062fb
Security Headers
Name Value
Content-Security-Policy img-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info *.googleusercontent.com *.yapily.com *.githubusercontent.com android-webview-video-poster: blob: data: https:; script-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-6aNgHNebLmyysKstjrwN0bhkOXjSUPet' https://www.googletagmanager.com https://script.hotjar.com https://analytics.twitter.com; script-src-elem https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-6aNgHNebLmyysKstjrwN0bhkOXjSUPet' https://www.googletagmanager.com https://analytics.twitter.com; style-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-6aNgHNebLmyysKstjrwN0bhkOXjSUPet' https://static.hotjar.com; child-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-helper.blockchain.com blob:; frame-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info https://wallet-helper.blockchain.com *.veriff.me https://api.sardine.ai *.veriff.me https://pay.google.com https://www.google.com https://tr.snapchat.com https://vars.hotjar.com https://api.sandbox.sardine.ai https://api.sardine.ai; connect-src data: https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info https://api.blockchain.info wss://ws.blockchain.info/nabu-gateway/markets/quotes wss://ws.blockchain.info/coins wss://ws.blockchain.info/inv wss://ws.blockchain.info/eth/inv wss://ws.blockchain.info/bch/inv https://wallet-helper.blockchain.com https://manager.api.live.ledger.com wss://api.ledgerwallet.com https://horizon.stellar.org https://friendbot.stellar.org https://bitpay.com https://pay.every-pay.eu https://firebaseinstallations.googleapis.com https://firebaseremoteconfig.googleapis.com https://api.sardine.ai wss://*.walletconnect.org https://api.blockchain.info https://api.opensea.io https://static.zdassets.com https://ekr.zdassets.com https://blockchain.zendesk.com https://*.google-analytics.com https://tr.snapchat.com https://api.sandbox.sardine.ai https://api.sardine.ai; object-src 'none'; media-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://storage.googleapis.com/bc_public_assets/ data: mediastream: blob:; font-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info; worker-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://remws.gr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 20:02:43 GMT
content-security-policy
img-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info *.googleusercontent.com *.yapily.com *.githubusercontent.com android-webview-video-poster: blob: data: https:; script-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-6aNgHNebLmyysKstjrwN0bhkOXjSUPet' https://www.googletagmanager.com https://script.hotjar.com https://analytics.twitter.com; script-src-elem https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-6aNgHNebLmyysKstjrwN0bhkOXjSUPet' https://www.googletagmanager.com https://analytics.twitter.com; style-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-6aNgHNebLmyysKstjrwN0bhkOXjSUPet' https://static.hotjar.com; child-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-helper.blockchain.com blob:; frame-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info https://wallet-helper.blockchain.com *.veriff.me https://api.sardine.ai *.veriff.me https://pay.google.com https://www.google.com https://tr.snapchat.com https://vars.hotjar.com https://api.sandbox.sardine.ai https://api.sardine.ai; connect-src data: https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info https://api.blockchain.info wss://ws.blockchain.info/nabu-gateway/markets/quotes wss://ws.blockchain.info/coins wss://ws.blockchain.info/inv wss://ws.blockchain.info/eth/inv wss://ws.blockchain.info/bch/inv https://wallet-helper.blockchain.com https://manager.api.live.ledger.com wss://api.ledgerwallet.com https://horizon.stellar.org https://friendbot.stellar.org https://bitpay.com https://pay.every-pay.eu https://firebaseinstallations.googleapis.com https://firebaseremoteconfig.googleapis.com https://api.sardine.ai wss://*.walletconnect.org https://api.blockchain.info https://api.opensea.io https://static.zdassets.com https://ekr.zdassets.com https://blockchain.zendesk.com https://*.google-analytics.com https://tr.snapchat.com https://api.sandbox.sardine.ai https://api.sardine.ai; object-src 'none'; media-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://storage.googleapis.com/bc_public_assets/ data: mediastream: blob:; font-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info; worker-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
3298
x-original-host
login.blockchain.com
x-blockchain-cp-f
xnwl 0.003 - abad3315045fff831a942240e828d712
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
abad3315045fff831a942240e828d712
last-modified
Tue, 05 Mar 2024 19:07:45 GMT
x-blockchain-cp-b
wallet-frontend
server
cloudflare
x-blockchain-server
BlockchainFE/1.0
vary
Accept-Encoding
content-type
image/svg+xml
x-blockchain-language
de
cache-control
public, max-age=3600
x-blockchain-language-id
0:0:1 (en:en:de)
cf-ray
85fcb48f5b4c68ef-FRA
script.js
remws.gr/blockchainwalletrecover/ 		839 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://remws.gr/blockchainwalletrecover/script.js
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5b587405501fdbf456e6b0a2a33cc264b8a3905bdb78e8dc80c8400726c00ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://remws.gr/blockchainwalletrecover/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 20:02:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Mar 2024 17:29:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e7567a-347"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLGheXSIc6AQpNgaH15d0G9ptkGS12Qbsztt53wze0llZIr9gZKGZvO%2BfGUSmjhtTt7ogGe9Kifyf%2FKvki0kjtuBXRB0ZZ0cebFFf6VGRQ1cOiFWWmlYRUroI83SnTmWcbHjKS1IIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
85fcb48ee9471c7f-FRA
alt-svc
h3=":443"; ma=86400
anchor
www.google.com/recaptcha/enterprise/ Frame C4F3 		45 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU&co=aHR0cHM6Ly9sb2dpbi5ibG9ja2NoYWluLmNvbTo0NDM.&hl=ru&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=a34hevnczymf
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
436c00eee96f50f08d2bb17e0fa6c9308d48f8ab33cd90036f4fe54f715bf793
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kyM3I5oQEAMjAYBiiCwO6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://remws.gr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kyM3I5oQEAMjAYBiiCwO6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Mar 2024 20:02:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bg-pattern.svg
login.blockchain.com/img/ 		125 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.blockchain.com/img/bg-pattern.svg
Requested by
Host: remws.gr
URL: https://remws.gr/blockchainwalletrecover/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.29.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cb6b6de41e6999a4033374049e31c8a2dbbb9b34f71ad259f7e98e778a65d25
Security Headers
Name Value
Content-Security-Policy img-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info *.googleusercontent.com *.yapily.com *.githubusercontent.com android-webview-video-poster: blob: data: https:; script-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-J27TwGlvDiMyptTt7YXjr6oSe6wBzhGq' https://www.googletagmanager.com https://script.hotjar.com https://analytics.twitter.com; script-src-elem https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-J27TwGlvDiMyptTt7YXjr6oSe6wBzhGq' https://www.googletagmanager.com https://analytics.twitter.com; style-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-J27TwGlvDiMyptTt7YXjr6oSe6wBzhGq' https://static.hotjar.com; child-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-helper.blockchain.com blob:; frame-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info https://wallet-helper.blockchain.com *.veriff.me https://api.sardine.ai *.veriff.me https://pay.google.com https://www.google.com https://tr.snapchat.com https://vars.hotjar.com https://api.sandbox.sardine.ai https://api.sardine.ai; connect-src data: https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info https://api.blockchain.info wss://ws.blockchain.info/nabu-gateway/markets/quotes wss://ws.blockchain.info/coins wss://ws.blockchain.info/inv wss://ws.blockchain.info/eth/inv wss://ws.blockchain.info/bch/inv https://wallet-helper.blockchain.com https://manager.api.live.ledger.com wss://api.ledgerwallet.com https://horizon.stellar.org https://friendbot.stellar.org https://bitpay.com https://pay.every-pay.eu https://firebaseinstallations.googleapis.com https://firebaseremoteconfig.googleapis.com https://api.sardine.ai wss://*.walletconnect.org https://api.blockchain.info https://api.opensea.io https://static.zdassets.com https://ekr.zdassets.com https://blockchain.zendesk.com https://*.google-analytics.com https://tr.snapchat.com https://api.sandbox.sardine.ai https://api.sardine.ai; object-src 'none'; media-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://storage.googleapis.com/bc_public_assets/ data: mediastream: blob:; font-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info; worker-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://remws.gr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 20:02:43 GMT
content-security-policy
img-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info *.googleusercontent.com *.yapily.com *.githubusercontent.com android-webview-video-poster: blob: data: https:; script-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-J27TwGlvDiMyptTt7YXjr6oSe6wBzhGq' https://www.googletagmanager.com https://script.hotjar.com https://analytics.twitter.com; script-src-elem https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-J27TwGlvDiMyptTt7YXjr6oSe6wBzhGq' https://www.googletagmanager.com https://analytics.twitter.com; style-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info 'nonce-J27TwGlvDiMyptTt7YXjr6oSe6wBzhGq' https://static.hotjar.com; child-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://wallet-helper.blockchain.com blob:; frame-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info https://wallet-helper.blockchain.com *.veriff.me https://api.sardine.ai *.veriff.me https://pay.google.com https://www.google.com https://tr.snapchat.com https://vars.hotjar.com https://api.sandbox.sardine.ai https://api.sardine.ai; connect-src data: https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://blockchain.info https://api.blockchain.info wss://ws.blockchain.info/nabu-gateway/markets/quotes wss://ws.blockchain.info/coins wss://ws.blockchain.info/inv wss://ws.blockchain.info/eth/inv wss://ws.blockchain.info/bch/inv https://wallet-helper.blockchain.com https://manager.api.live.ledger.com wss://api.ledgerwallet.com https://horizon.stellar.org https://friendbot.stellar.org https://bitpay.com https://pay.every-pay.eu https://firebaseinstallations.googleapis.com https://firebaseremoteconfig.googleapis.com https://api.sardine.ai wss://*.walletconnect.org https://api.blockchain.info https://api.opensea.io https://static.zdassets.com https://ekr.zdassets.com https://blockchain.zendesk.com https://*.google-analytics.com https://tr.snapchat.com https://api.sandbox.sardine.ai https://api.sardine.ai; object-src 'none'; media-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info https://storage.googleapis.com/bc_public_assets/ data: mediastream: blob:; font-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info; worker-src https://login.blockchain.com https://wallet-frontend.prod.blockchain.info blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
3297
x-original-host
login.blockchain.com
x-blockchain-cp-f
xnwl 0.002 - 10ad4212c6d7902bb3785d2af85d9118
content-encoding
br
x-xss-protection
1; mode=block
x-request-id
10ad4212c6d7902bb3785d2af85d9118
last-modified
Tue, 05 Mar 2024 19:07:46 GMT
x-blockchain-cp-b
wallet-frontend
server
cloudflare
x-blockchain-server
BlockchainFE/1.0
vary
Accept-Encoding
content-type
image/svg+xml
x-blockchain-language
de
cache-control
public, max-age=3600
x-blockchain-language-id
0:0:1 (en:en:de)
cf-ray
85fcb48f5b4e68ef-FRA
Inter-Medium.woff2
login.blockchain.com/fonts/ 		0
0
Inter-SemiBold.woff2
login.blockchain.com/fonts/ 		0
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ 		494 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://remws.gr/
Origin
https://remws.gr
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 16:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201116
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Mar 2025 16:56:38 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame C4F3 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU&co=aHR0cHM6Ly9sb2dpbi5ibG9ja2NoYWluLmNvbTo0NDM.&hl=ru&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=a34hevnczymf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
recaptcha__ru.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame C4F3 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__ru.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU&co=aHR0cHM6Ly9sb2dpbi5ibG9ja2NoYWluLmNvbTo0NDM.&hl=ru&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=a34hevnczymf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
anchor
www.google.com/recaptcha/enterprise/ Frame 1C16 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU&co=aHR0cHM6Ly9yZW13cy5ncjo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=wvw8tihv9fdh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
83822d3b5edc019113af9e7b49b687a14eae980bf6c175465828dc3798d56903
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WMUN4SDvPnU2F02ufrS3xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://remws.gr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WMUN4SDvPnU2F02ufrS3xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Mar 2024 20:02:43 GMT
expires
Tue, 05 Mar 2024 20:02:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 1C16 		55 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU&co=aHR0cHM6Ly9yZW13cy5ncjo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=wvw8tihv9fdh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 18:38:12 GMT
x-content-type-options
nosniff
age
5071
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56398
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Mar 2025 18:38:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/ Frame 1C16 		494 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU&co=aHR0cHM6Ly9yZW13cy5ncjo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=wvw8tihv9fdh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc4f1369cfe55e3cbf37434690b559bd3be63351a5ab16e324823a3ab8a237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 16:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201116
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 03:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Mar 2025 16:56:38 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1C16 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vj7hFxe2iNgbe-u95xTozOXW/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 03:45:28 GMT
x-content-type-options
nosniff
age
58635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 12 Mar 2024 03:45:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1C16 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcxysYaAAAAAOf5QgMWz-GXzoXjpvSrSXETmtlU&co=aHR0cHM6Ly9yZW13cy5ncjo0NDM.&hl=de&v=vj7hFxe2iNgbe-u95xTozOXW&size=invisible&cb=wvw8tihv9fdh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options
nosniff
age
88224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Mar 2025 19:32:19 GMT
main.js
remws.gr/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/ Frame 1220
Redirect Chain
  • https://remws.gr/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://remws.gr/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://remws.gr/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
Protocol
H3
Server
2606:4700:3031::ac43:d2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c013e9fdb65b1ea51597f418d72d27dfec85a5e8c7cecbfbf939fd1ed2a1c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 20:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wS%2FMLc%2F2tjiz2ymb%2Bd4SGxdpdii3mwXewzbQ%2FY2HFhIDEeNadWmta%2FcYSUCKZi9gS8x%2F4x9Y1j8AX%2BK8bOKh0NpViWUcvF%2Bp%2BTdlysqKL5Szo8y80ma2befe60hbElX9km2Jt0lXbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
85fcb492df0139c4-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 05 Mar 2024 20:02:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JTEQCgLd7%2FpWIykB77e9MA5pZv8r8lMUZw9aYVXsAp4AP5MBL6f1mPHDLKGBcprrNfsV4uCZVnrwediHlz%2FHJpXy%2Bf%2FEoLM3WXeXCoWtUYNp%2F%2Bpd0IPb9lhbT1I937VAr7tNqqEbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/aeb70db32f0f/main.js
cache-control
max-age=300, public
cf-ray
85fcb4928e8639c4-FRA
alt-svc
h3=":443"; ma=86400
85fcb48e78781c7f
remws.gr/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1220 		0
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://remws.gr/cdn-cgi/challenge-platform/h/b/jsd/r/85fcb48e78781c7f
Requested by
Host: remws.gr
URL: https://remws.gr/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d2db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Mar 2024 20:02:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtcSRVyXBE8cdPhThjLGWG0PBEwYChl3ngTddX5sb3Hvs7oV6%2FcgfQ4HYV7mqVctYdtvMCt4RjqhJl77Kzr%2B%2BddH2zvJoHuSTneiDoq5jSRP1Shy2dJo6fr%2BnPBLGd9egM5eloX9EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85fcb493a85939c4-FRA
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.blockchain.com
URL
https://login.blockchain.com/fonts/Inter-Medium.woff2
Domain
login.blockchain.com
URL
https://login.blockchain.com/fonts/Inter-SemiBold.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Blockchain (Crypto Exchange)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| APP_VERSION string| CAPTCHA_KEY string| nonce object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_648785 object| google_tag_manager object| google_tag_data object| dataLayer

3 Cookies

Domain/Path Name / Value
.blockchain.com/ Name: __cfruid
Value: 643766d69dfa02c929c65cbcefaea8d9959f189f-1709668963
remws.gr/ Name: PHPSESSID
Value: 4ua5dmh1juag9rfigh0kalvgru
.remws.gr/ Name: cf_clearance
Value: tM_SeI1hrTHQvgowk0j8hBdj6bJVaRaMO6qnF4XkaAE-1709668964-1.0.1.1-WSEj7FKGi635xnVuJokaeOWgc5kk0BrDn3i4BTFN3B_8Rt7CiXcaCgbVpdV0NEz8Nxnogbljo9vUbcHXOk1oUg

12 Console Messages

Source Level URL
Text
other warning URL: https://remws.gr/blockchainwalletrecover/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://remws.gr/blockchainwalletrecover/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__ru.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://remws.gr/blockchainwalletrecover/
Message:
Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__ru.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__ru.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://remws.gr/blockchainwalletrecover/
Message:
Access to font at 'https://login.blockchain.com/fonts/Inter-SemiBold.woff2' from origin 'https://remws.gr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://login.blockchain.com/fonts/Inter-SemiBold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://remws.gr/blockchainwalletrecover/
Message:
Access to font at 'https://login.blockchain.com/fonts/Inter-Medium.woff2' from origin 'https://remws.gr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://login.blockchain.com/fonts/Inter-Medium.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://remws.gr/runtime.c19ecdb9.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://remws.gr/app.c19ecdb9.js
Message:
Failed to load resource: the server responded with a status of 404 ()