br-shabeshlft.online Open in urlscan Pro
2606:4700:3030::6815:44ed  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response br-shabeshlft.online/	10 KB 3 KB	336ms 208ms	Document text/html	2606:4700:3030::6815:44ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://br-shabeshlft.online/?s=c2hhcGVzaGlmdDswNA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 79694df18be9fb945fa006bdcb79eadaf70734644c23f3417577ce0df32ec1b0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 781264fa7bda0bed-AMS content-encoding br content-type text/html; charset=UTF-8 date Thu, 29 Dec 2022 12:03:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nngxVCcOcrXWTHd3%2BP85YD1c5jHCdF%2B2QHWXtDPp%2BxEaZGj5dPEZJ9Y6cnxfkSsDuON1TmZ%2F9DKy%2FUE5ItH1VCT33P85aEG7g9xWq4NZhvzCo%2F7st7iB03FfBllMUtPIJTyjBI%2FGz09UIqBmsv%2FPis9Bfw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33
GET H2	200	estilo.css br-shabeshlft.online/shapeshift/	34 KB 5 KB	84ms 82ms	Stylesheet text/css	2606:4700:3030::6815:44ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://br-shabeshlft.online/shapeshift/estilo.css Requested by Host: br-shabeshlft.online URL: https://br-shabeshlft.online/?s=c2hhcGVzaGlmdDswNA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14a2725184876da31bc7e6a80ebefbb1891d540d303e86697221aab89af4bed2 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 12:03:47 GMT content-encoding br cf-cache-status HIT last-modified Sun, 25 Dec 2022 10:59:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 161 etag W/"63a82d24-89df" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtKCCKAEiSrtjr1IBCRCkjkNk2cntZgZ3wTBIMgntpBJTp91bkULgVCiQt5GQItEU3zz3qhVkhHr9vunuzna4yohyed2A%2Blf0BwveuvljKKIMY4DLhIewLNZMs7qtwOfAPJhfWYdwJOTC69ydMi04fq2ZQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 781264fbecf70bed-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery-3.6.1.min.js Show response br-shabeshlft.online/js/	88 KB 32 KB	85ms 83ms	Script application/javascript	2606:4700:3030::6815:44ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://br-shabeshlft.online/js/jquery-3.6.1.min.js Requested by Host: br-shabeshlft.online URL: https://br-shabeshlft.online/?s=c2hhcGVzaGlmdDswNA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 131c0d82967fed05e1920e519e0ea6ec91ab97b7c40480f72f8af8680bba1f0a Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 12:03:47 GMT content-encoding br cf-cache-status HIT last-modified Sun, 25 Dec 2022 10:59:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 161 etag W/"63a82d1e-15e3f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkhsUHKHC8yR919Qg%2FQ75uspC4sbU0jj1aq9rxjo2q3z9vDXMt5ju6ZXewd%2F2ETkKG%2F4NoS6BuN1soW7DsuKLTnEY%2FJIE6OHqtd602l9LwZOUMLjzPhujAgaDAIrQmsGsVFvFHcM%2F6Vahg5JDtfMWixxHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 781264fbecf80bed-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ethers-5.2.umd.min.js Show response cdn.ethers.io/lib/	716 KB 198 KB	199ms 56ms	Script application/javascript	13.225.78.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.ethers.io/lib/ethers-5.2.umd.min.js Requested by Host: br-shabeshlft.online URL: https://br-shabeshlft.online/?s=c2hhcGVzaGlmdDswNA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-106.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id 3StspTE73ijjMFvXMjx4rHtfrweE9frC content-encoding gzip via 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront) date Wed, 28 Dec 2022 18:56:05 GMT last-modified Thu, 20 May 2021 21:33:05 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 61663 etag W/"50ed955cf32ac8e4e1daa0fac8fcde98" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 x-amz-cf-id e4jEsu44mD9ICyiqvaAd0MSr-vGpWuCdzDRiY7bN52YPlGnek-Jl8A==
GET H2	200	web3.min.js Show response cdn.jsdelivr.net/npm/web3@latest/dist/	1 MB 350 KB	145ms 58ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/web3@latest/dist/web3.min.js Requested by Host: br-shabeshlft.online URL: https://br-shabeshlft.online/?s=c2hhcGVzaGlmdDswNA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71d7328c8b5a399aac329a83d86b51058c01e0e0414fc4577dabfc79c518c6d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 12:03:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 25826 x-jsd-version 1.8.1 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra-eddf8230054-FRA, cache-yyz4523-YYZ x-jsd-version-type version server cloudflare etag W/"163759-IwpZDBwarMNpRlZFtitwZD1oxeo" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5Goi11LBswMWyAN1vN%2FsPoBH3upKfLSuCdTCotR%2FaucZh6xqRND7AwjigGJfFdrdJfdfYXj1Ctv4Nw%2FA%2FJpVrSWb26obBcZvlDmc4QKbAaw15zDTNhvNWUp%2Bkdwpwuns1VmjOlcX4V9%2B5egd8I%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 781264fc4c16d97b-HEL
GET H2	200	index.min.js Show response cdn.jsdelivr.net/npm/@walletconnect/web3-provider@1.7.1/dist/umd/	733 KB 195 KB	180ms 93ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@walletconnect/web3-provider@1.7.1/dist/umd/index.min.js Requested by Host: br-shabeshlft.online URL: https://br-shabeshlft.online/?s=c2hhcGVzaGlmdDswNA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 249f824f34fd0715ba6210535decaab795ce238de0dcdf9ffb40a5d6b2ea0369 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 12:03:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 11069316 x-jsd-version 1.7.1 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19154-FRA, cache-iad-kiad7000144-IAD x-jsd-version-type version server cloudflare etag W/"b72ae-I2VpOtfGa9/GSavEcSax34GI2zI" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQiKwpOplgAw5%2BfywL9zs1N3GW%2Bc170cS3AGWEj4W8dQ7UAOP6AIuNfpQkj1RpHsOpiK793B0YwR6avYBIcqk78CTIysWts4O1Yqw%2Fhnk7tHBFgpp50o%2FwBZ2HSog66y%2F5r8hMTV4PuEJMEAU70%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 781264fc4c1ad97b-HEL
GET H2	200	ethereumjs-tx-1.3.3.min.js Show response cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/	315 KB 92 KB	187ms 100ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js Requested by Host: br-shabeshlft.online URL: https://br-shabeshlft.online/?s=c2hhcGVzaGlmdDswNA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 12:03:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 587 x-jsd-version master content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19134-FRA, cache-cdg20721-CDG x-jsd-version-type branch server cloudflare etag W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hH6IrUxGjWrxUgSrZaZDPYS8CkPgC7dI7vrqo%2FQ5dNJRfGaFhugcBMoLADFlJSHUTWASY2wL57WM18kThOf4THx8BBYNbyJnBA0Ng8svMKL04NSWgJL%2BNCfoJQWtafvgDR%2BcDO1Lj4D5FBiwj80%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 781264fc4c28d97b-HEL
GET H2	200	keccak256.js Show response cdn.jsdelivr.net/npm/keccak256@latest/	292 KB 68 KB	178ms 91ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/keccak256@latest/keccak256.js Requested by Host: br-shabeshlft.online URL: https://br-shabeshlft.online/?s=c2hhcGVzaGlmdDswNA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 88f4993e7e84aef5f7260bf1846558cdac02db313a3b2ab3eaa3deeda85fed31 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 12:03:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 9553 x-jsd-version 1.0.6 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19183-FRA, cache-iad-kiad7000045-IAD x-jsd-version-type version server cloudflare etag W/"48f2d-XYSplk+1Z6bB7lJslSty4v/cISA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8J8gxVNG%2BIl2p8MDtzTIjVGJRdNhCzA1xBdIJdkjrze1nOTxiLcqFR9HBvaz0SfnlPF9yi84lYipYq3ILRqg5xrSw9ezSLbnZOAnvFLtuWwTfIEMCCNr89Dmp0MHOg2CBXhBqlqgRJKFaVGgDQk%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 781264fc4c2fd97b-HEL
GET H2	200	script.min.js Show response br-shabeshlft.online/js/	8 KB 3 KB	80ms 79ms	Script application/javascript	2606:4700:3030::6815:44ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://br-shabeshlft.online/js/script.min.js?v=10 Requested by Host: br-shabeshlft.online URL: https://br-shabeshlft.online/?s=c2hhcGVzaGlmdDswNA== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:44ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b9a7269bfcef6f6bca7b66b8ac23af7051c1c4725255553ed3d8e215f99bddfc Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 12:03:47 GMT content-encoding br cf-cache-status HIT last-modified Sun, 25 Dec 2022 10:59:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 161 etag W/"63a82d1e-1ef0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaGxOvWBdWLOTmOAGGXjuCzf9DijyLnMdwkzEnueixlscUMpIQUYWs1ofGPC3Isd%2BhWPUYOvpGgiDfubTIpq0Tph%2BkrvbnTnxUCKhHTOknx%2FSryzFe%2FXIXc5TdSCZvDosMuRbuj%2FRV2gVccFaQl8p46nvQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 781264fbecf90bed-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	aurorabg.3757627048c7ef6096ef.jpg app.shapeshift.com/static/media/	85 KB 87 KB	285ms 211ms	Image image/jpeg	2606:4700::6810:f005 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.shapeshift.com/static/media/aurorabg.3757627048c7ef6096ef.jpg Requested by Host: br-shabeshlft.online URL: https://br-shabeshlft.online/shapeshift/estilo.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f005 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3757627048c7ef6096ef630a3992be94c01ff181f1f61162b7fccb72daa44bec Security Headers Name Value Content-Security-Policy frame-ancestors 'none' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://br-shabeshlft.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-security-policy frame-ancestors 'none' cdn-pullzone 699547 referrer-policy no-referrer cf-bgj h2pri cdn-proxyver 1.03 x-ipfs-roots bafybeihwxqk64xhzxvfmbrlfibqomvevgji7wkyqdcgfyil6w44qm4fn5u,QmWS6db8YYn2KCWnqvqohoTS7KGiQeJYUzQQLcfjawYcHr,QmVPmyakPDwBNsKLE7Qwf9nKCPmHMSKvLN7ZajAs8cTRvM,QmcyJfAT53oTHQ7nCD5meVrgeRXtGrDnbngm3PdRnYE9pJ etag "QmcyJfAT53oTHQ7nCD5meVrgeRXtGrDnbngm3PdRnYE9pJ" x-frame-options DENY access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cdn-cache REVALIDATED access-control-expose-headers Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output cache-control public, max-age=14400 x-ipfs-path /ipfs/bafybeihwxqk64xhzxvfmbrlfibqomvevgji7wkyqdcgfyil6w44qm4fn5u/static/media/aurorabg.3757627048c7ef6096ef.jpg vary Accept-Encoding access-control-allow-headers Content-Type, Range, User-Agent, X-Requested-With cdn-requestcountrycode DE expires Thu, 29 Dec 2022 16:03:48 GMT date Thu, 29 Dec 2022 12:03:48 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status REVALIDATED cdn-edgestorageid 1048 x-cache-status HIT cdn-cachedat 12/18/2022 05:10:45 content-length 87459 x-xss-protection 0 x-request-id ec1f08b2012da5c1aee5dcf5afd4bd08 server cloudflare cdn-requestpullcode 200 cross-origin-opener-policy same-origin-allow-popups cdn-uid 070ccd6e-b4b0-4c90-b45a-e26d7534205d permissions-policy document-domain=() cdn-requestid 687791961ca910a7478ca4d686147d12 accept-ranges bytes cf-ray 78126500dab9d963-HEL cdn-status 200 cdn-requestpullsuccess True
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	wallets.json Show response registry.walletconnect.org/data/	255 KB 45 KB	124ms 54ms	Fetch application/json	2606:4700:20::681a:649 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://registry.walletconnect.org/data/wallets.json Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/@walletconnect/web3-provider@1.7.1/dist/umd/index.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2606:4700:20::681a:649 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aad1c1eb10a0af306f1c8c16ae7dd12d59176c1c484e327fdd6da8806d916939 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 12:03:48 GMT content-encoding br cf-cache-status HIT last-modified Thu, 29 Dec 2022 12:01:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 160 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiDIYryfsDyZLzN56z7p2r%2B460251qxMUTFsFgDYERKt2K08YRExDmpyl2vQez%2FaHFAvwzzgAQHLuDsaNFvhjbP5uXsNsnyKf0dklq7Q3E7%2BM1JgBoW1%2FRjSEl4fYUCC8rSB3qKeAph5GVLxiCRS0ETqAgThYmDj"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control public, max-age=21600, s-maxage=7200 cf-ray 781265043824d973-HEL x-robots-tag noindex

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| _ethers object| ethers function| setImmediate function| clearImmediate object| regeneratorRuntime function| Web3 object| WalletConnectProvider object| ethereumjs function| keccak256 string| user function| signTransaction function| getBalanceToken boolean| mobile function| hexToDec function| NewTransaction function| Metamask function| save_log function| WalletConnect function| openModal function| open_metamask function| open_trustwallet object| provider

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			br-shabeshlft.online/	1970-01-20 08:32:17	Name: config Value: c2hhcGVzaGlmdDswNA%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.shapeshift.com
br-shabeshlft.online
cdn.ethers.io
cdn.jsdelivr.net
registry.walletconnect.org
13.225.78.106
2606:4700:20::681a:649
2606:4700:3030::6815:44ed
2606:4700::6810:5514
2606:4700::6810:f005
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
131c0d82967fed05e1920e519e0ea6ec91ab97b7c40480f72f8af8680bba1f0a
14a2725184876da31bc7e6a80ebefbb1891d540d303e86697221aab89af4bed2
249f824f34fd0715ba6210535decaab795ce238de0dcdf9ffb40a5d6b2ea0369
3757627048c7ef6096ef630a3992be94c01ff181f1f61162b7fccb72daa44bec
71d7328c8b5a399aac329a83d86b51058c01e0e0414fc4577dabfc79c518c6d8
79694df18be9fb945fa006bdcb79eadaf70734644c23f3417577ce0df32ec1b0
88f4993e7e84aef5f7260bf1846558cdac02db313a3b2ab3eaa3deeda85fed31
8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751
aad1c1eb10a0af306f1c8c16ae7dd12d59176c1c484e327fdd6da8806d916939
b9a7269bfcef6f6bca7b66b8ac23af7051c1c4725255553ed3d8e215f99bddfc
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff