Report - revokecashexploit.pages.dev/

Report Overview

Submitted URL
revokecashexploit.pages.dev/
IP
172.66.44.149
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 09:23:45
Access
public
Website Title
2023 Aave Seaport Hack: Check If You're Affected | Revoke.cash
Final URL
revokecashexploit.pages.dev/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
revokecashexploit.pages.dev	unknown	unknown	No data	No data	9.3 kB	6.1 MB	172.66.47.107
api.web3modal.com	unknown	2020-03-04	2023-08-14	2024-04-13	15 kB	113 kB	104.18.28.72
jscdnweb.pages.dev	unknown	2020-09-02	2023-09-19	2024-04-10	455 B	2.3 kB	172.66.45.14
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	568 B	26 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-18	876 B	288 kB	104.17.25.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-17	1.9 kB	127 kB	151.101.193.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2024-04-01	medium	revokecashexploit.pages.dev/css/f2a653ccf40d1519.css	Other
2024-04-01	medium	revokecashexploit.pages.dev/images/apple-touch-icon.png	Other
2024-04-01	medium	revokecashexploit.pages.dev/favicon.ico	Other
2024-04-01	medium	revokecashexploit.pages.dev/	Other
2024-04-01	medium	revokecashexploit.pages.dev/images/ethereum.svg	Other
2024-04-01	medium	revokecashexploit.pages.dev/js/jquery.min.js	Other
2024-04-01	medium	revokecashexploit.pages.dev/js/web3.min.js	Other
2024-04-01	medium	revokecashexploit.pages.dev/images/f9fa0444b908def7e2cacce9c162c39a60167a27.svg	Other
2024-04-01	medium	revokecashexploit.pages.dev/js/aes.js	Other
2024-04-01	medium	revokecashexploit.pages.dev/images/3882ca837cc6bcf56d6be1301868a1c087ca02ac.svg	Other
2024-04-01	medium	revokecashexploit.pages.dev/js/ethers-5.2.umd.min.js	Other
2024-04-01	medium	revokecashexploit.pages.dev/js/d9dgb-q6ee0-b8wni.js	Other
2024-04-01	medium	revokecashexploit.pages.dev/js/modules.js	Other
2024-04-01	medium	revokecashexploit.pages.dev/settings.js	Other
2024-04-01	medium	revokecashexploit.pages.dev/images/en.svg	Other
2024-04-01	medium	revokecashexploit.pages.dev/js/pbkdf2.js	Other
2024-04-01	medium	revokecashexploit.pages.dev/images/revoke.svg	Other
2024-04-01	medium	revokecashexploit.pages.dev/images/f0438febff768476c4bd646204034239a5fc20d9.svg	Other
2024-04-01	medium	revokecashexploit.pages.dev/3ee076fdded270a43f39fee67389c17a.txt	Other
2024-04-01	medium	revokecashexploit.pages.dev/images/notcommon.svg	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js	638 kB	2023-07-13	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-13 05:39:36 Last Seen2024-04-30 17:57:18 Times Seen411 Hash 1932881debf364cfed402e1d0c7a54e3 e53d84ee93cb7c4eae82bdce939e80307b2cb1b1 e95c1fc6aaa308b9bbfc7ba359f34b57c65e4932440416441fe7c8864ccbdd84 Loading...

	revokecashexploit.pages.dev/js/modules.js	1.5 MB	2023-11-16	2024-04-18
Pretty URL revokecashexploit.pages.dev/js/modules.js IP 172.66.47.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 10:39:04 Last Seen2024-04-18 11:23:53 Times Seen4 Hash 24af21db75742662500989599f64b489 2df332ef63fe6d892d04d6d608d108abf388fc57 6a4ceb79754c00db61c2604030c57de2437831b39a8c0e0ec84ffbe25280e5f3 Loading...

	unknown	34 B	2023-04-11	2024-05-01
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-05-01 11:54:10 Times Seen75786 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	revokecashexploit.pages.dev/js/web3.min.js	1.2 MB	2023-05-12	2024-04-26
Pretty URL revokecashexploit.pages.dev/js/web3.min.js IP 172.66.47.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-12 17:02:00 Last Seen2024-04-26 17:51:12 Times Seen107 Hash 4e131238273584c83b0089668cf50b1c a0e353e006c1ce398cc28b065c9e2754f9f6d655 8cdcd2aa68c68480d5180ca0cd64f190c7064fdecff596ea34042eba5ff181db Loading...

	cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js	323 kB	2023-03-07	2024-04-30
Pretty URL cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:06 Last Seen2024-04-30 17:57:18 Times Seen815 Hash ca1104de538caea2d54265fbe90916b4 d6c416e5d153f500f7ac66d25a2b73db45867ad4 10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0 Loading...

	cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js	760 kB	2023-03-13	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:48:53 Last Seen2024-04-30 17:57:18 Times Seen920 Hash 71f8c498e792c6179d4e2840228f777a b651545587f6257345dc3de9ddaa444b10dedf3e a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73 Loading...

	revokecashexploit.pages.dev/js/ethers-5.2.umd.min.js	733 kB	2023-03-07	2024-04-26
Pretty URL revokecashexploit.pages.dev/js/ethers-5.2.umd.min.js IP 172.66.47.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:13 Last Seen2024-04-26 22:27:00 Times Seen621 Hash 50ed955cf32ac8e4e1daa0fac8fcde98 fc073f2b9715e44dc2346d7cbe0b491fb59da146 c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js	68 kB	2023-07-11	2024-04-30
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-11 17:54:11 Last Seen2024-04-30 17:57:18 Times Seen424 Hash 0aaaa3278d29d8b8d9b3795f60d3b836 519ef68609c1f595ee6a9cbb7660e4c8585a0d41 b030031299100b9d6c6b413bf9e9d712f59695f1384ef548c3f43b0a0faecbfa Loading...

	revokecashexploit.pages.dev/settings.js	5.7 kB	2024-04-18	2024-04-18
Pretty URL revokecashexploit.pages.dev/settings.js IP 172.66.47.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 11:23:53 Last Seen2024-04-18 11:23:53 Times Seen2 Hash 4130322ba5a214c8c1b2698214f15997 169a3b54b2edfec13e5f72ec65a5713ba1ae153d a6fd7ea5e61c1b5a46e946028260ed42c6fc829a6fd68d59f79aef1f9cc2099b Loading...

	revokecashexploit.pages.dev/js/aes.js	13 kB	2023-03-07	2024-04-30
Pretty URL revokecashexploit.pages.dev/js/aes.js IP 172.66.47.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-30 23:49:50 Times Seen12978 Hash 4ff108e4584780dce15d610c142c3e62 77e4519962e2f6a9fc93342137dbb31c33b76b04 fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a Loading...

	revokecashexploit.pages.dev/js/pbkdf2.js	5.5 kB	2023-03-11	2024-04-26
Pretty URL revokecashexploit.pages.dev/js/pbkdf2.js IP 172.66.47.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:26:42 Last Seen2024-04-26 17:51:12 Times Seen117 Hash a50897fea252b972449a9e246aa69fd7 e6d089c4b43227db5062742edb336dfabfb5cd6b 5f8034781ba252e676db2ada75cb3d98df874aa3747830223141fefbed71c906 Loading...

	revokecashexploit.pages.dev/js/jquery.min.js	90 kB	2023-12-10	2024-04-24
Pretty URL revokecashexploit.pages.dev/js/jquery.min.js IP 172.66.47.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-10 16:58:02 Last Seen2024-04-24 22:07:35 Times Seen24 Hash 7262e4c8385aa1740b4b77726481e20e 4993cf21eba6823d7c9093690916570f3a09ddd1 7cce4f234da5d0ab0fc2f51250f8769f396aca3530028c492a7febcc86f7c9b6 Loading...

	unknown	1.5 kB	2023-06-07	2024-04-30
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-06-07 22:44:52 Last Seen2024-04-30 17:57:17 Times Seen231 Hash 1884ef3dcd9482d5f21c955b13eab060 bce91cb9cb511d0cd0a19f8f0fc5bfe03f3fbabf 938cde8b9179eff487eed4b7e1d743302676b96ee0286cc8c2e095160e147db6 Loading...

	revokecashexploit.pages.dev/js/d9dgb-q6ee0-b8wni.js	2.3 MB	2023-11-16	2024-04-18
Pretty URL revokecashexploit.pages.dev/js/d9dgb-q6ee0-b8wni.js IP 172.66.47.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 10:39:04 Last Seen2024-04-18 11:23:53 Times Seen5 Hash 153f1c29bdf03843ae6155c79825620d 93675f59213ac7b094493ed86035087c709cd3a0 44acca51103a43fb1ab682a5441773fd229679126ee0588d128d1d899a8f4b49 Loading...

	revokecashexploit.pages.dev/	1.3 kB	2023-03-07	2024-04-30
Pretty URL revokecashexploit.pages.dev/ IP 172.66.47.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:52:42 Last Seen2024-04-30 07:20:15 Times Seen199 Hash be69a261c6c5e56e5c460b693a87a458 24aa219e0ab488d29b83e34a0fe9e306e4d9ec5d 36025f550204865b627545b57678b39f16653110dc7f9a06448c17bcace52199 Loading...

	cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.mjs	10 kB	2023-05-09	2024-04-26
Pretty URL cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.mjs IP 151.101.193.229 ASN #54113 FASTLY Introduced by importedModule Embedded in HTML false Observations First Seen2023-05-09 20:50:49 Last Seen2024-04-26 17:51:12 Times Seen64 Hash 1ca5a00d1ae3c9d0f9c9a1e0f98716a4 c94ac718127976a4186c251e361cc504811a52c7 e3aee773520d6590cc7b41c515ca0cd9a3bf06b6613cfe34c40275d5bd7d220e Loading...

HTTP Transactions (52)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js

104.17.25.14

200 OK

147 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/web3/4.0.3/web3.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65470)
Size
147 kB (147285 bytes)
Hash
1932881debf364cfed402e1d0c7a54e3
e53d84ee93cb7c4eae82bdce939e80307b2cb1b1
e95c1fc6aaa308b9bbfc7ba359f34b57c65e4932440416441fe7c8864ccbdd84

HTTP Headers

GET /ajax/libs/web3/4.0.3/web3.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 147285
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ad8554-23f55"
last-modified: Tue, 11 Jul 2023 16:37:40 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3673626
expires: Tue, 08 Apr 2025 09:23:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DosCdEUadRTQe%2FYK%2F3KGcqkvhz%2Fza7DvNT4%2Fhx3SB2KbUqr23gugnEuBSK3Uw%2FnkQ%2FvxSQAN3hkB%2Blvs1cItazOiin0wINKDvE91I6n0I%2BjKtRZMsxQ7JvR25ZEHZXiPfz2dgix%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8763985e6af70b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.min.css

151.101.193.229

200 OK

4.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (23850)
Size
4.6 kB (4573 bytes)
Hash
d849077e8b4cc93dd5c925165f2cded4
496b8e753292cc78d4964d94eee5c250d53ca13a
ee3512f8c59eaa415d996f68ce467b98f6a0cfe42631bb0196df90dccb04f855

HTTP Headers

GET /npm/sweetalert2@11.7.16/dist/sweetalert2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.7.16
x-jsd-version-type: version
etag: W/"5d2b-SWuOdTKSzHjUlk2U7uXCUNU8oTo"
content-encoding: br
accept-ranges: bytes
date: Thu, 18 Apr 2024 09:23:16 GMT
age: 1916076
x-served-by: cache-fra-eddf8230076-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4573
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js

104.17.25.14

200 OK

139 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
139 kB (139139 bytes)
Hash
71f8c498e792c6179d4e2840228f777a
b651545587f6257345dc3de9ddaa444b10dedf3e
a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73

HTTP Headers

GET /ajax/libs/ethers/5.7.2/ethers.umd.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 139139
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6350cee7-21f83"
last-modified: Thu, 20 Oct 2022 04:30:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 226221
expires: Tue, 08 Apr 2025 09:23:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QvA0c3ZHntfBlkcO10SlGApFomcXoDA5FxHh5xcSCnWqvsvowYftI9oNb5s7E1MMEP8QOhStJR%2B%2BPfS2dXEk8soLSK9ItpDLQyNwK6TmG7HqpDE6AaR05bW1Lce0P%2BcRldCsFyed"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8763985e5af00b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js

151.101.193.229

200 OK

19 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (43691)
Size
19 kB (19370 bytes)
Hash
0aaaa3278d29d8b8d9b3795f60d3b836
519ef68609c1f595ee6a9cbb7660e4c8585a0d41
b030031299100b9d6c6b413bf9e9d712f59695f1384ef548c3f43b0a0faecbfa

HTTP Headers

GET /npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.7.16
x-jsd-version-type: version
etag: W/"10917-UZ72hgnB9ZXuapy7dmDkyFhaDUE"
content-encoding: br
accept-ranges: bytes
date: Thu, 18 Apr 2024 09:23:17 GMT
age: 837416
x-served-by: cache-fra-eddf8230055-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19370
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js

151.101.193.229

200 OK

97 kB

URL GET HTTP/2
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (43040)
Size
97 kB (96826 bytes)
Hash
ca1104de538caea2d54265fbe90916b4
d6c416e5d153f500f7ac66d25a2b73db45867ad4
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0

HTTP Headers

GET /gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
content-encoding: br
accept-ranges: bytes
date: Thu, 18 Apr 2024 09:23:17 GMT
age: 4690
x-served-by: cache-fra-etou8220137-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 96826
X-Firefox-Spdy: h2

revokecashexploit.pages.dev/css/f2a653ccf40d1519.css

172.66.47.107

200 OK

20 kB

URL GET HTTP/3
revokecashexploit.pages.dev/css/f2a653ccf40d1519.css
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
ASCII text, with very long lines (48229)
Size
20 kB (20350 bytes)
Hash
084ddb60c11fe7c87e52338d3d026b1d
a186026e85d106f5353ff2e155a7af0aac4c1be7
d106b628020e7b25bc95b9f9e791d4ad872ad89b14c93aa29e59535fa73ac023

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /css/f2a653ccf40d1519.css HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"8404c967f9f8d64aeda07bd4648b8218"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfaHYimY%2F3sWx6iwaF72QkP5hKrliyeGssJlfsj%2F0ci7Y%2BD3NZZTkH6KVV5G1hXbrYKiBowrfNtQ4aBwVAb6V9KZ2ThYlf3la6n8X%2F2Z8D1OdJ9ikHc9rj7ZjPE%2F8us7aVTOBAcFPInAkV10YxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985df8f25684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.mjs

151.101.193.229

200 OK

3.4 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/js-base64@3.7.2/base64.mjs
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
3.4 kB (3388 bytes)
Hash
1ca5a00d1ae3c9d0f9c9a1e0f98716a4
c94ac718127976a4186c251e361cc504811a52c7
e3aee773520d6590cc7b41c515ca0cd9a3bf06b6613cfe34c40275d5bd7d220e

HTTP Headers

GET /npm/js-base64@3.7.2/base64.mjs HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 3388
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.7.2
x-jsd-version-type: version
etag: W/"2876-yUrHGBJ5dqQYbCUeNhzFBIEaUsc"
content-encoding: br
accept-ranges: bytes
age: 1116596
date: Thu, 18 Apr 2024 09:23:18 GMT
x-served-by: cache-fra-eddf8230090-FRA, cache-hel1410025-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

revokecashexploit.pages.dev/images/apple-touch-icon.png

172.66.47.107

200 OK

9.5 kB

URL GET HTTP/3
revokecashexploit.pages.dev/images/apple-touch-icon.png
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
9.5 kB (9536 bytes)
Hash
9033347a29fc998548ff74ebfc09c768
52ffe5b81ca823b108fa45cdc5dbc3c68d6dc35f
995686a27aa06616ccd3c5b3d3c2e90800cac6f29182a9fe5b1721a765d4add0

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /images/apple-touch-icon.png HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/png
content-length: 9536
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "d4ccbb0dcf3c361750968dc41d779cbe"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4UEbppv1xu9z70OQBrUVcY6pAuHKfOD4sAqc4xR3O3WZQMihRlc4LJEFwKAuneRGvcb4pQypkd8FzZQZAmvEqFsDvk%2BZljaZV3lkzp10PnC%2FEgzT4z%2BZrtP4h2jQpcuBT2gXtnBv1BkE96twI8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763986b9baf5684-OSL
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/favicon.ico

172.66.47.107

200 OK

15 kB

URL GET HTTP/3
revokecashexploit.pages.dev/favicon.ico
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15406 bytes)
Hash
fb8363597f7a1d9ce794b5bbac74b024
edd7912bba4a47eca3314203c81e2305706b59c8
e78f39005a0f256dcdfd1c8a882afd5dc76b0939aebc38e2d39dab108a23afcc

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: null
content-length: 15406
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "71a4e4a57cc35827785c82c1aac528f2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PTKdNMzqCEkb8PK2ZiO%2FvlBbPNdRc2o9aYmnKC0xAqRn6%2FhAOMyecKVwTceLmg3fckeaLhtWDvArXg4vl3Rz1gxIlNTyjRjkZud6qeURZzYZnlBgPqp6PEvkL6pXO0DMyZ5i07aQEDD2Qve3QlY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763986babb25684-OSL
alt-svc: h3=":443"; ma=86400

api.web3modal.com/public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400

104.18.28.72

204 No Content

0 B

URL OPTIONS HTTP/2
api.web3modal.com/public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 8763986e7dfb0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

revokecashexploit.pages.dev/

172.66.47.107

200 OK

13 kB

URL User Request GET HTTP/2
revokecashexploit.pages.dev/
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4002)
Size
13 kB (12921 bytes)
Hash
809ec8af63c5ebba2faf5922920191ee
5e0230fcfa8dfc08e2db7bd855d8a9fe9bad72f3
e03a3cdade86cdea64f559e1abaa00427ab07873665498fba266829e2803a5c2

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:16 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0f7a452878a81b84fc8f72bab90790ca"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvB0nbKiygxRo6dEUqA9TcrgWvOzwMyi9J%2Bluo8dFeFEOF%2BLOQJrOAV%2FvlouHCus5fRh7X8hobTGD896rdiKEKMhoqFCMLW5dGlT7bSzti8RhPGmhbMyLbaEPZnRo%2FI2KOE%2F7Rw24g99TKjKzVY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985a0918568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/7289c336-3981-4081-c5f4-efc26ac64a00

104.18.28.72

200 OK

0 B

URL GET HTTP/2
api.web3modal.com/public/getAssetImage/7289c336-3981-4081-c5f4-efc26ac64a00
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /public/getAssetImage/7289c336-3981-4081-c5f4-efc26ac64a00 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 8763986e7e010b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

jscdnweb.pages.dev/chair.js

172.66.45.14

200 OK

1.7 kB

URL GET HTTP/2
jscdnweb.pages.dev/chair.js
IP
172.66.45.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectjscdnweb.pages.dev
Fingerprint1D:AA:9E:6D:04:70:58:13:1E:CD:EC:31:13:88:67:6F:B8:EA:BD:2A
ValidityThu, 14 Mar 2024 19:38:57 GMT - Wed, 12 Jun 2024 19:38:56 GMT

File type
HTML document, ASCII text, with very long lines (394)
Size
1.7 kB (1718 bytes)
Hash
14b36ccf998b4e4fc97faa12cd1b3084
a1ac14e21efbe42b31ded43ce9cb017bf3565d91
7a4b61f2e00478d6565ab620ce63924bcf1ffaeb4c3b61e2760e66d5902ffc22

HTTP Headers

GET /chair.js HTTP/1.1
Host: jscdnweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:16 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QcaCp1wrrZmH0NK5XRH5MDLOZmXQHIBj2%2F2LMCvjlQ9RnSDd7iLs8uJ5wOsVNdzwIUyBF5NE9HjSyTAYJHmMgtutBgAdPETLUh0C%2BPOjVo13lXx2E5kcb3uymMPIi1JvZg3TmQ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e680e5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/600a9a04-c1b9-42ca-6785-9b4b6ff85200

104.18.28.72

200 OK

0 B

URL GET HTTP/2
api.web3modal.com/public/getAssetImage/600a9a04-c1b9-42ca-6785-9b4b6ff85200
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /public/getAssetImage/600a9a04-c1b9-42ca-6785-9b4b6ff85200 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 8763986e7dfc0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400

104.18.28.72

204 No Content

0 B

URL OPTIONS HTTP/2
api.web3modal.com/public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 8763986e7e0b0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/getWallets?page=1&entries=4

104.18.28.72

200 OK

0 B

URL GET HTTP/2
api.web3modal.com/getWallets?page=1&entries=4
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /getWallets?page=1&entries=4 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 8763986e7e0c0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/06b26297-fe0c-4733-5d6b-ffa5498aac00

104.18.28.72

204 No Content

0 B

URL OPTIONS HTTP/2
api.web3modal.com/public/getAssetImage/06b26297-fe0c-4733-5d6b-ffa5498aac00
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /public/getAssetImage/06b26297-fe0c-4733-5d6b-ffa5498aac00 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 8763986e7e110b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/41d04d42-da3b-4453-8506-668cc0727900

104.18.28.72

200 OK

0 B

URL GET HTTP/2
api.web3modal.com/public/getAssetImage/41d04d42-da3b-4453-8506-668cc0727900
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /public/getAssetImage/41d04d42-da3b-4453-8506-668cc0727900 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 8763986e7e150b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/93564157-2e8e-4ce7-81df-b264dbee9b00

104.18.28.72

204 No Content

0 B

URL OPTIONS HTTP/2
api.web3modal.com/public/getAssetImage/93564157-2e8e-4ce7-81df-b264dbee9b00
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /public/getAssetImage/93564157-2e8e-4ce7-81df-b264dbee9b00 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 8763986e9e350b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400

104.18.28.72

204 No Content

3.0 kB

URL OPTIONS HTTP/2
api.web3modal.com/public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
3.0 kB (2982 bytes)
Hash
d0bfd7eefc33f692b10b2d342a0f715f
79165067305a206b1713be7dc0d6dcf915153dea
dbc925830cbe966bad72c492ee6b7a591ef8e54c00e9fbc95fa729b27415f2f8

HTTP Headers

GET /public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 2982
cf-ray: 8763986e9e340b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 30763
cache-control: public, max-age=31536000
etag: "cf1bMzkffidOhcD7Rqm7-8S115UG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=580+0 c=0+11 v=2024.3.2 l=2982
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/692ed6ba-e569-459a-556a-776476829e00

104.18.28.72

200 OK

2.0 kB

URL GET HTTP/2
api.web3modal.com/public/getAssetImage/692ed6ba-e569-459a-556a-776476829e00
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.0 kB (1962 bytes)
Hash
fc47577f72c6ac1b3644fd3c93c35434
7fa10148eb871d0ca72a79a89ae480a44af8014b
a96683af833d7e9409bea1d240842f89a6117c323ff048b484a23fea13ccb61e

HTTP Headers

GET /public/getAssetImage/692ed6ba-e569-459a-556a-776476829e00 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 1962
cf-ray: 8763986eae490b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 54963
cache-control: public, max-age=31536000
etag: "cfaRKjj98wG78-Q94g8ciN3whHUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=1141+0 c=0+12 v=2024.4.0 l=1962
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/7289c336-3981-4081-c5f4-efc26ac64a00

104.18.28.72

200 OK

48 kB

URL GET HTTP/2
api.web3modal.com/public/getAssetImage/7289c336-3981-4081-c5f4-efc26ac64a00
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image
Size
48 kB (48440 bytes)
Hash
7c0eb691304bef6d50cb13dbb6cb0113
6fcad50c8a8b93714893f9dea5371a9396f2f995
dfa603a08211a1de27dcb9da317aac81eee5123e713e33937bf71822f2d31e18

HTTP Headers

GET /public/getAssetImage/7289c336-3981-4081-c5f4-efc26ac64a00 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 48440
cf-ray: 8763986ece690b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 54960
cache-control: public, max-age=31536000
etag: "cfyIALQyO304C0r9GmkKxVyBXPUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:100,h2pri
cf-images: internal=ok/- q=0 n=660+0 c=3+240 v=2024.4.0 l=48440
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400

104.18.28.72

204 No Content

4.6 kB

URL OPTIONS HTTP/2
api.web3modal.com/public/getAssetImage/ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.6 kB (4624 bytes)
Hash
1ba0e02799c16aeb565f47831d13afba
8f902e52b5c0964ec450928efb2c3855c6190d04
eac7ee8c6a37d9123559885b66593f39a9c9dfe38997bf9f50da791ebe907bb1

HTTP Headers

GET /public/getAssetImage/ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 4624
cf-ray: 8763986ede8d0b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 54963
cache-control: public, max-age=31536000
etag: "cfRx5BuyC7eclsMS9LWuzHtxGJUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=451+0 c=1+16 v=2024.4.0 l=4624
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/600a9a04-c1b9-42ca-6785-9b4b6ff85200

104.18.28.72

200 OK

5.8 kB

URL GET HTTP/2
api.web3modal.com/public/getAssetImage/600a9a04-c1b9-42ca-6785-9b4b6ff85200
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.8 kB (5806 bytes)
Hash
642979b6270bdd1654919f26f8b4bd3a
36a7b276ebf210efd1b7eedf74e44ab82609a75a
ae5288e2522736d9905e4be3c6f961a43efdcca4e15a4f2566e36505ce519165

HTTP Headers

GET /public/getAssetImage/600a9a04-c1b9-42ca-6785-9b4b6ff85200 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 5806
cf-ray: 8763986efea60b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 45600
cache-control: public, max-age=31536000
etag: "cfuwYBbesV8l5_F8TO91Cr3GddUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=512+0 c=0+14 v=2024.3.2 l=5806
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400

104.18.28.72

204 No Content

3.0 kB

URL OPTIONS HTTP/2
api.web3modal.com/public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
3.0 kB (2982 bytes)
Hash
d0bfd7eefc33f692b10b2d342a0f715f
79165067305a206b1713be7dc0d6dcf915153dea
dbc925830cbe966bad72c492ee6b7a591ef8e54c00e9fbc95fa729b27415f2f8

HTTP Headers

GET /public/getAssetImage/ab9c186a-c52f-464b-2906-ca59d760a400 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 2982
cf-ray: 8763986f1eb60b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 30763
cache-control: public, max-age=31536000
etag: "cf1bMzkffidOhcD7Rqm7-8S115UG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=580+0 c=0+11 v=2024.3.2 l=2982
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/06b26297-fe0c-4733-5d6b-ffa5498aac00

104.18.28.72

204 No Content

4.2 kB

URL OPTIONS HTTP/2
api.web3modal.com/public/getAssetImage/06b26297-fe0c-4733-5d6b-ffa5498aac00
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.2 kB (4216 bytes)
Hash
d5db513e51a1eda85e0e624b1a8061e0
0f949a2454b2bf9a44f36c8dce934de76bf24e20
48b3f99f45c1036f3b19652590bf542f1dbaada7b53fb37b282318cf3de502dd

HTTP Headers

GET /public/getAssetImage/06b26297-fe0c-4733-5d6b-ffa5498aac00 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 4216
cf-ray: 8763986f3ef20b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 54941
cache-control: public, max-age=31536000
etag: "cfg5kHfR4p5rKyX_HbosXNTDTYUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=23+0 c=0+10 v=2023.9.8 l=4216
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/public/getAssetImage/41d04d42-da3b-4453-8506-668cc0727900

104.18.28.72

200 OK

4.5 kB

URL GET HTTP/2
api.web3modal.com/public/getAssetImage/41d04d42-da3b-4453-8506-668cc0727900
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.5 kB (4528 bytes)
Hash
ef096787734c20292b4716153b5ff1f2
f2baf10db0e6638ec674e5f58965efffe5028978
518e46638e983e3545e1433ba06c2f7b4e874eed7802c809caca237245d1864c

HTTP Headers

GET /public/getAssetImage/41d04d42-da3b-4453-8506-668cc0727900 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 4528
cf-ray: 8763986f4f150b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 54960
cache-control: public, max-age=31536000
etag: "cfIBgbS-WAFgZUOOKJGP6fnCtOUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=1187+0 c=0+11 v=2024.4.0 l=4528
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

revokecashexploit.pages.dev/images/ethereum.svg

172.66.47.107

200 OK

7.8 kB

URL GET HTTP/3
revokecashexploit.pages.dev/images/ethereum.svg
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
SVG Scalable Vector Graphics image
Size
7.8 kB (7759 bytes)
Hash
47c40f709a0fc897aa2e50c5dd501b9f
796f075cc6e9dc58126c08bb6808b03605c55b83
dd81bab3260a0107652a12618638bc43742dce4f5d4147148ff6a5a7a4b41917

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /images/ethereum.svg HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0b3cf61e2d81e7b4455ae085f468cca4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FR%2FG5wRZrNJcDu14uohbKcszfsx11cQlhrF4w%2BpPhSJWFaT1WBFyCKYb4tstmeQTB9Qw7rXGwvAYjIU9e40oCDnV8w81arqicYbSWhEwV5jlvgGPxc8J0Efn%2FQ9pcTLR6wJo8Vb6gUSPeqH6gkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763986cedd75684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

api.web3modal.com/getWalletImage/5195e9db-94d8-4579-6f11-ef553be95100

104.18.28.72

200 OK

0 B

URL GET HTTP/2
api.web3modal.com/getWalletImage/5195e9db-94d8-4579-6f11-ef553be95100
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /getWalletImage/5195e9db-94d8-4579-6f11-ef553be95100 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 87639870f8e70b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/getWalletImage/7677b54f-3486-46e2-4e37-bf8747814f00

104.18.28.72

200 OK

0 B

URL GET HTTP/2
api.web3modal.com/getWalletImage/7677b54f-3486-46e2-4e37-bf8747814f00
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /getWalletImage/7677b54f-3486-46e2-4e37-bf8747814f00 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 87639870f8eb0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/getWalletImage/3913df81-63c2-4413-d60b-8ff83cbed500

104.18.28.72

204 No Content

0 B

URL OPTIONS HTTP/2
api.web3modal.com/getWalletImage/3913df81-63c2-4413-d60b-8ff83cbed500
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /getWalletImage/3913df81-63c2-4413-d60b-8ff83cbed500 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 87639870f8ed0b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/getWalletImage/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500

104.18.28.72

200 OK

0 B

URL GET HTTP/3
api.web3modal.com/getWalletImage/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /getWalletImage/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-project-id,x-sdk-type,x-sdk-version
Referer: https://revokecashexploit.pages.dev/
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 18 Apr 2024 09:23:19 GMT
access-control-allow-origin: *
vary: Access-Control-Request-Headers, Accept-Encoding
access-control-allow-headers: x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods: OPTIONS,GET
access-control-max-age: 86400
server: cloudflare
cf-ray: 8763987108f20b61-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/getWalletImage/5195e9db-94d8-4579-6f11-ef553be95100

104.18.28.72

200 OK

8.3 kB

URL GET HTTP/2
api.web3modal.com/getWalletImage/5195e9db-94d8-4579-6f11-ef553be95100
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.3 kB (8280 bytes)
Hash
5a62b5a1959b26f7780576a0b983c95c
e2244eff885c1f9d67713c91541cb3ed95613b97
0920740b66a4dd3325bd917a18c5b0b18810d9650013b9103fd740f888ae7ba3

HTTP Headers

GET /getWalletImage/5195e9db-94d8-4579-6f11-ef553be95100 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 8280
cf-ray: 8763987108fd0b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 54961
cache-control: public, max-age=31536000
etag: "cfzp266rJeWHcvqSNrSMCCnQWgUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=18+0 c=2+20 v=2024.3.2 l=8280
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/getWalletImage/3913df81-63c2-4413-d60b-8ff83cbed500

104.18.28.72

204 No Content

2.5 kB

URL OPTIONS HTTP/2
api.web3modal.com/getWalletImage/3913df81-63c2-4413-d60b-8ff83cbed500
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.5 kB (2538 bytes)
Hash
4bf7e34eeb3426b006621dbdcfe43dae
3aa4973e2e312d256b25f5e19e943f9b75c60b9f
6b12952d291573cade9aa40bd0d9a5a92541246d1d97c4796153507b42f4f8c9

HTTP Headers

GET /getWalletImage/3913df81-63c2-4413-d60b-8ff83cbed500 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 2538
cf-ray: 87639871190b0b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 54960
cache-control: public, max-age=31536000
etag: "cfujgpVvcvmeS8So3DgKnjPux4UG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=208+0 c=1+14 v=2024.3.2 l=2538
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/getWalletImage/7677b54f-3486-46e2-4e37-bf8747814f00

104.18.28.72

200 OK

4.4 kB

URL GET HTTP/2
api.web3modal.com/getWalletImage/7677b54f-3486-46e2-4e37-bf8747814f00
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.4 kB (4412 bytes)
Hash
e26bdec2a842132ec688ed6584853d4b
94c5a4859f4d3d5df794a4bf90a4ac876026e15d
ae785241ce0047aeb8de19a5fa871c94c002d41e60338fe7e37f7b0bfeb929da

HTTP Headers

GET /getWalletImage/7677b54f-3486-46e2-4e37-bf8747814f00 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 4412
cf-ray: 8763987109030b61-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 54960
cache-control: public, max-age=31536000
etag: "cfVAcZ3w6iX14DvHKhBFs4CgkyUG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=246+0 c=5+26 v=2024.3.2 l=4412
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.web3modal.com/getWalletImage/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500

104.18.28.72

200 OK

8.8 kB

URL GET HTTP/3
api.web3modal.com/getWalletImage/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
IP
104.18.28.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectweb3modal.com
FingerprintC0:00:53:08:9B:BC:33:41:39:61:64:98:05:DD:BD:78:C6:BB:21:C2
ValiditySat, 06 Apr 2024 08:56:56 GMT - Fri, 05 Jul 2024 08:56:55 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.8 kB (8788 bytes)
Hash
94a72f59df8d95ba114901f53b55b402
ec0e2a0f86edd6fab39e5a3d00a75329702c2d53
488d577bbfda6c3d4a90a696f97375a906284626405c2488d8d839c0bf90407d

HTTP Headers

GET /getWalletImage/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500 HTTP/1.1
Host: api.web3modal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
x-project-id: 9a504add1206ecb902aee52264862b81
x-sdk-type: w3m
x-sdk-version: html-ethers5-3.2.1
Origin: https://revokecashexploit.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/webp
content-length: 8788
cf-ray: 876398711ff056ba-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 54105
cache-control: public, max-age=31536000
etag: "cfwRKJ_GQ6vp6Uxle7v9sGNjM5UG7FeV1c8ZwDJoU7DQ"
expires: Fri, 18 Apr 2025 09:23:19 GMT
vary: Accept, Accept-Encoding
cf-bgj: imgq:86,h2pri
cf-images: internal=ok/- q=0 n=325+0 c=9+34 v=2024.4.0 l=8788
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
x-robots-tag: noindex
x-wc-r2-status: HIT
server: cloudflare
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/js/jquery.min.js

172.66.47.107

200 OK

90 kB

URL GET HTTP/3
revokecashexploit.pages.dev/js/jquery.min.js
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (90126 bytes)
Hash
7262e4c8385aa1740b4b77726481e20e
4993cf21eba6823d7c9093690916570f3a09ddd1
7cce4f234da5d0ab0fc2f51250f8769f396aca3530028c492a7febcc86f7c9b6

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"39ded0628c141b645f3f95c3453079c9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=984jLVL7eZp5OTcgUoEps%2Be0AlshBoUMBacJhcd2XERwDkaAelMnugt1x0N6R%2FirlagndlDRtuI07j18s5oYG%2BbJ6kyfG51KU232Kiwxhqk9BI%2FC1Gn7RyJAQ%2FQskOTfa4W6tCWCQ2cxRqMwUrA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e08f85684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/js/web3.min.js

172.66.47.107

200 OK

1.2 MB

URL GET HTTP/3
revokecashexploit.pages.dev/js/web3.min.js
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type

Size
1.2 MB (1184878 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /js/web3.min.js HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a230b612e5ee3e6712e3cb388a4986b1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Zi2ad7YReUDoSGdCNIKUzIHwX6vRr0VYc%2Fj0nxAby3JKQC9AVgssDiFnPkooHLcOSRw1PVMVo1DBtRxebBOBSJMfpFZO1gTm02Dl4b3pkvypqKZxnNavTIn7Ex8TQAy8FGWVN8VhuPnVebdyNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e08f95684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/images/f9fa0444b908def7e2cacce9c162c39a60167a27.svg

172.66.47.107

200 OK

422 B

URL GET HTTP/3
revokecashexploit.pages.dev/images/f9fa0444b908def7e2cacce9c162c39a60167a27.svg
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
SVG Scalable Vector Graphics image
Size
422 B (422 bytes)
Hash
001ededa23f819cda73bf00c7bf15834
57406f553f0304a7100df4943627626aa1f936a7
a908a98244ac98817414a963933ca35e6caab465a791fdd1ce0387221ddcb6de

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /images/f9fa0444b908def7e2cacce9c162c39a60167a27.svg HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a51902c6baf3553e764b2f4d4955fad9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdwbUy%2BKOqrRwwVNyRWjf%2F89I1bh1V4MWtT%2BA3%2FuVehtxRPcir96uCu8uOJdLx1ox2K9uxFxcNAgPKqR4HjAcHUCWmB6d%2Fu5jdH94wD13RaOcrQU%2BRy8Z4Ac9i7XiiKgdhjQVIbhbIs7f3AjxTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e19155684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/js/aes.js

172.66.47.107

200 OK

13 kB

URL GET HTTP/3
revokecashexploit.pages.dev/js/aes.js
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
JavaScript source, ASCII text, with very long lines (548)
Size
13 kB (13360 bytes)
Hash
4ff108e4584780dce15d610c142c3e62
77e4519962e2f6a9fc93342137dbb31c33b76b04
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /js/aes.js HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"6022f31576c3f303bd50062e34a21727"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rv3mKsegOYuI6VW8g4VNk9pFDrRc%2FSIR14NxjTFXn9N2wXQAvEmUibV9Ltg7N9imecA%2BuvSFtiYo1qLs3JOOLCabyvtkwbkmbi0FVZ8hSoz%2Badx4O3RRYOgpPHIBDr%2FI53cCazt%2BY7KIR34EIrw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985df8f35684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/images/3882ca837cc6bcf56d6be1301868a1c087ca02ac.svg

172.66.47.107

200 OK

245 kB

URL GET HTTP/3
revokecashexploit.pages.dev/images/3882ca837cc6bcf56d6be1301868a1c087ca02ac.svg
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
SVG Scalable Vector Graphics image
Size
245 kB (245273 bytes)
Hash
55a4930aea70e2ef7714e47c2d88e8bb
3882ca837cc6bcf56d6be1301868a1c087ca02ac
83be6672406682ddc5b77bea212c044ecd741d6a4cc86b0ed22ed10c7e9a27a9

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /images/3882ca837cc6bcf56d6be1301868a1c087ca02ac.svg HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f67c975bd0be95ff486c8b147f6c17bc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WQyMCiYoNhowiEN8RWIlnR4DVKxj%2Fs7au8TMxiRbex8Hil2Ey%2FnW6C1NAdZ09vH%2F5x7%2BZc70iD1CPPhRvcnHnadJPyXinimsTQkP1Z9ASI2KGqtg%2BFEaCFw3mDU%2BtJ%2B6k%2BaDYIQCuu9qco4N7AE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e29355684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/js/ethers-5.2.umd.min.js

172.66.47.107

200 OK

733 kB

URL GET HTTP/3
revokecashexploit.pages.dev/js/ethers-5.2.umd.min.js
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type

Size
733 kB (733070 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /js/ethers-5.2.umd.min.js HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4068ad47ffe90bf7d476a76116f8955e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lCTx1r3JcSKu4VI%2FRsehHXqg3dLGOzOc4mxtDRZSt6zPs6TdVK9t5ZWfCysgpk7t4arro82ZLATexJgSl%2BGJ2zTerCoDIpnDs5igMJ85bBS5VTce2tOeCibMWqFvQAddBmwoFvvucwnYOjfXDW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e08fa5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/js/d9dgb-q6ee0-b8wni.js

172.66.47.107

200 OK

2.3 MB

URL GET HTTP/3
revokecashexploit.pages.dev/js/d9dgb-q6ee0-b8wni.js
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type

Size
2.3 MB (2269100 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /js/d9dgb-q6ee0-b8wni.js HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4713070fbae87458d21f050a6fd9cc4f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYoqnQzJM9vuRkrBpOI4Nf85ZDI685Cm9SwbNePgXsTev6qmWi2zLePmejMTXe%2FQ5XtjKevYlq12tVr4ioJ%2BKUMHdiUUC%2FKIU93soyDTyWIb6h%2FE9EygTRKBtZnKY8tDnDejIzHAbDdP4NLOhrc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e09015684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/js/modules.js

172.66.47.107

200 OK

1.5 MB

URL GET HTTP/3
revokecashexploit.pages.dev/js/modules.js
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type

Size
1.5 MB (1482555 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /js/modules.js HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c290fa8ebb0f0ed17523c69cf691abe1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYv%2FavKMNIo11vAPxmJ%2BdNzG8Mtm2gmgON78UJWB0I44NHzIro%2FhBgQyMZmFW8Z3L9TTrHLPPs2hwVcGCLe6%2FLOjnYLi2szt%2FniVTkHqJykGy%2Fq5%2FoGq0S%2BNEya8XSCQs3wMDwUUhIpKAg7%2FLQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e08fe5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/settings.js

172.66.47.107

200 OK

5.7 kB

URL GET HTTP/3
revokecashexploit.pages.dev/settings.js
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
ASCII text, with very long lines (5676), with no line terminators
Size
5.7 kB (5676 bytes)
Hash
4130322ba5a214c8c1b2698214f15997
169a3b54b2edfec13e5f72ec65a5713ba1ae153d
a6fd7ea5e61c1b5a46e946028260ed42c6fc829a6fd68d59f79aef1f9cc2099b

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /settings.js HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d3a4e8d4a40eb16b44c433001c0c4028"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dmk3BE%2BTohajo75cmHGrsVyDo7mPG8VtWtDX9xPff43Mu8QRYMYnw%2Fs9ZE9td1gOFyA90d8KJXktW2ULtzsLRvowxQUnCaw436p6x6OrFnKI3fX7cdhBtHIvMawZiKNrk3RSypfuGoqcd3Kb1U4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e19105684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/images/en.svg

172.66.47.107

200 OK

538 B

URL GET HTTP/3
revokecashexploit.pages.dev/images/en.svg
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
SVG Scalable Vector Graphics image
Size
538 B (538 bytes)
Hash
c3e978f3f3a39fb6ed460bcbb2205f41
d4a2c9abce52ebb5aeb24c7b49c1135fd80aa2a2
f6d2aa1983a08dbca6d276e8716f15c945cc3bdc3c70f3afdb648ea1e7228482

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /images/en.svg HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d3a11ea34819c6331b7aacf046ad421a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLABQczC5Oa5EO1qBYuv6t3xrYd10exLyWUHcG2BrCyQiU1nP9ZZwq1p2Lt1iI7oQJw8adfaD3lF35WC9RE%2BnC%2FmihWgWayuq5ErJvSOXwWKZU8DwK95v0QI2zeFl5qQiDqJhzxvjKbZjVuuwDM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763986ceddd5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/js/pbkdf2.js

172.66.47.107

200 OK

5.5 kB

URL GET HTTP/3
revokecashexploit.pages.dev/js/pbkdf2.js
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
JavaScript source, ASCII text, with very long lines (5559), with no line terminators
Size
5.5 kB (5526 bytes)
Hash
e9a48d2a0ddf212f52f88604a74ba7c0
bfb9b3a5c45f9317c8763b4273daadf9efc7e1d8
45b2d128c84a10460a8fc8ffefbafa5a7d837b312aaede688be996aaa145be55

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /js/pbkdf2.js HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c814c2e0535bbf977104a5c7ffeacca7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1k0tYVBIJzDIsK1Vivfv6Afqrvcz8TLYQ2AWjjYSLOGwXk12xzut0CJPceROJrD1fsThXJCKP11A%2F4Zx8dnnnM0G2Cd62tAC8K%2BYvRI4Eiej1QI%2BpjVAT8bIcoo9A8UDUoHotkIQTod%2FBYhefI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e08f55684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/images/revoke.svg

172.66.47.107

200 OK

7.6 kB

URL GET HTTP/3
revokecashexploit.pages.dev/images/revoke.svg
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
SVG Scalable Vector Graphics image
Size
7.6 kB (7570 bytes)
Hash
be4d592acaa03539f46682e09056dde0
ff8d0538ca4f62e66a659ef9d3af1ad08331c59e
7a76f72f8117b22b8e382752039242fbcc20b4da9ade2a9686fceb507e8b0d4c

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /images/revoke.svg HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"09f1917bd0e165ed0bbaf8e451f832f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DJmfBiXQRv2Rl8r48x7OYtvrbYx2KkhBXmJJ5eNkEjES1sWETUdR1JhveY1pSxiqVDPPj2Ol76J14ndRcRnRU5ru%2Bj02lVOAqkozLdeDLCruEgpYPV4zQ0q%2FfIeskeRpMnvQja0blUXhBYF2oM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e19135684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/images/f0438febff768476c4bd646204034239a5fc20d9.svg

172.66.47.107

200 OK

646 B

URL GET HTTP/3
revokecashexploit.pages.dev/images/f0438febff768476c4bd646204034239a5fc20d9.svg
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
SVG Scalable Vector Graphics image
Size
646 B (646 bytes)
Hash
2e60291e700e2cf1f744e3b29ea64190
f82441cae65a74459dc1fa4a98528bca21535ca4
d127af7355873258880b4f673a275ce01d8138ed077d3487d1241155492a69ee

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /images/f0438febff768476c4bd646204034239a5fc20d9.svg HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:17 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9f1d48bae61d646ee9b8544d88dd0c73"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bDUCsmmLjtshClMySrdBpkh178UxtnMMR52L3oIlUAsQssmmQwWI79wS6DdmenRuk3Ykcarymy8OX8LKJJvsSPKcSHxPBuetNAfqNeZhI7FqYGD59HFzgqQ8DeVPO6whlo4YqnSiA8sFhbd5xjQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763985e19145684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

revokecashexploit.pages.dev/3ee076fdded270a43f39fee67389c17a.txt

172.66.47.107

200 OK

550 B

URL GET HTTP/3
revokecashexploit.pages.dev/3ee076fdded270a43f39fee67389c17a.txt
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
HTML document, ASCII text, with very long lines (562), with no line terminators
Size
550 B (550 bytes)
Hash
16ff6cd9a54def9b271e7d84b27845db
93ecb0a2bef42b120aa0798756447c333ab8044d
b86f567d23950fef64f39f95ad9e490d0464552327487c57fedd7c9cd487a810

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /3ee076fdded270a43f39fee67389c17a.txt HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7a2398bd2d81ed9b0ee6007e1ddfad75"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99wl77LIEoJyCoOQyMLC%2BPbTkTr0n4EYElB%2FYu4jDZDYsjuXQxl2CBjbPH6NxWP6xiBLySEumxAtG5pmGL%2BJSyAqmYZUbn2vUybvougUnA1alblLSgtit2JXGWCUIVYKCua0hnqt7tuaSxaEH8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763986c8cfd5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap

142.250.74.106

200 OK

25 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
25 kB (25076 bytes)
Hash
01e4c1bf8edfbc3e1272bb3440dd3f5a
c0b50f336aab9ee372df57f095a159de6531e260
4e93eab6f0103db3049bfe01d9ee8347d7a7356d6b6ca5f19b01f33711a7764f

HTTP Headers

GET /css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 09:23:17 GMT
date: Thu, 18 Apr 2024 09:23:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

revokecashexploit.pages.dev/images/notcommon.svg

172.66.47.107

200 OK

4.9 kB

URL GET HTTP/3
revokecashexploit.pages.dev/images/notcommon.svg
IP
172.66.47.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://revokecashexploit.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectrevokecashexploit.pages.dev
Fingerprint3E:C9:8A:1F:0B:46:60:CB:98:DE:CC:84:C6:7D:FB:DB:71:92:69:9E
ValidityTue, 26 Mar 2024 03:29:09 GMT - Mon, 24 Jun 2024 03:29:08 GMT

File type
SVG Scalable Vector Graphics image
Size
4.9 kB (4946 bytes)
Hash
16d1b8b13f27052143a03a1c759c60f8
0533d24446e429e4fe483b6307fc97c9ebf9715d
93be965c61fa943824903b9a8eadc0f1113890a54d5eef2533ab9156e6b2bd7e

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /images/notcommon.svg HTTP/1.1
Host: revokecashexploit.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://revokecashexploit.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 09:23:19 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f6541c238094792b2f4a81bda09afa34"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zs5CvndX9A3Q8Py8XGBG8S0pnEmyYqS3ch5KDEKK%2FQwVtcOiwS%2FjBfiZQZmw6f5y0SVQO4Pw6qzs9YIMiV1lYPV%2B%2Fj2PsJ2QPvP%2Fc1L6tVZjzas0EJ9G0cNRiC2ZhcVU7U4sVWicTa3OFZI30q0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763986ceddb5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL