www.shapsehift.online
2a02:4780:9:604:0:1a60:5846:7  Malicious Activity! Public Scan

URL: https://www.shapsehift.online/
Submission: On December 16 via manual from PT — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2a02:4780:9:604:0:1a60:5846:7, located in Vilnius, Lithuania and belongs to AS-HOSTINGER, CY. The main domain is www.shapsehift.online.
TLS certificate: Issued by R3 on December 16th 2022. Valid for: 3 months.
This is the only time www.shapsehift.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

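| Requests | Redirects | IP Address | AS (Autonomous System) |
|---|---|---|---|
| 6 | | 2a02:4780:9:6... | 47583 (AS-HOSTINGER) |
| 7 | 1 | 2606:4700::68... | 13335 (CLOUDFLAR...) |
| 1 | | 2001:4de0:ac1... | 20446 (STACKPATH...) |
| 1 | | 2606:4700::68... | 13335 (CLOUDFLAR...) |

Total: 14 requests, 5 IPs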

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 7 | unpkg.com | unpkg.com — Cisco Umbrella Rank: 793 | 925 KB |
| 6 | shapsehift.online | www.shapsehift.online | 102 KB |
| 1 | shapeshift.com | app.shapeshift.com | 3 KB |
| 1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 686 | 83 KB |

Total: 14 requests, 4 domains

| Requests | Domain | Requested by |
|---|---|---|
| 7 | unpkg.com (1 redirects) | www.shapsehift.online |
| 6 | www.shapsehift.online | www.shapsehift.online |
| 1 | app.shapeshift.com | www.shapsehift.online |
| 1 | code.jquery.com | www.shapsehift.online |

Total: 14 requests, 4 domains

This site contains links to these domains.

Domain
app.shapeshift.com
shapeshift.zendesk.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| shapsehift.online | R3 | 2022-12-16 - 2023-03-16 | 3 months |
| *.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-01 - 2023-06-01 | a year |
| shapeshift.com | Cloudflare Inc ECC CA-3 | 2022-05-12 - 2023-05-11 | a year |

This page contains 1 frames:

Primary Page: https://www.shapsehift.online/
Frame ID: B0EAAE53381FB8E151A6BFC9E13BF0BA
Requests: 16 HTTP requests in this frame

Page Title

Подключить кошелек | ShapeShift (Russian for "Connect wallet | ShapeShift")

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 14
  • HTTPS: 93 %
  • IPv6: 100 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 5
  • Countries: 3
  • Transfer: 1112 kB
  • Size: 3364 kB
  • Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/@metamask/legacy-web3@latest/dist/metamask.web3.min.js HTTP 302
  • https://unpkg.com/@metamask/legacy-web3@2.0.0/dist/metamask.web3.min.js

14 HTTP transactions

| Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|
| Primary Request / | www.shapsehift.online/ | 21 KB | 5 KB | Document | text/html |
| main.7a2f786d.css | www.shapsehift.online/assets/ | 26 KB | 4 KB | Stylesheet | text/css |
| styles.css | www.shapsehift.online/assets/ | 48 KB | 6 KB | Stylesheet | text/css |
| metamask.web3.min.js | unpkg.com/@metamask/legacy-web3@2.0.0/dist/ | 242 KB | 73 KB | Script | application/javascript |
| jquery-3.6.0.js | code.jquery.com/ | 282 KB | 83 KB | Script | application/javascript |
| web3.min.js | unpkg.com/web3@1.2.11/dist/ | 1 MB | 294 KB | Script | application/javascript |
| index.js | unpkg.com/web3modal@1.9.0/dist/ | 418 KB | 190 KB | Script | application/javascript |
| index.min.js | unpkg.com/evm-chains@0.2.0/dist/umd/ | 22 KB | 5 KB | Script | application/javascript |
| index.min.js | unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/ | 1 MB | 354 KB | Script | application/javascript |
| fortmatic.js | unpkg.com/fortmatic@2.0.6/dist/ | 35 KB | 8 KB | Script | application/javascript |
| trust_platform.svg | www.shapsehift.online/assets/ | 587 B | 418 B | Image | image/svg+xml |
| script.js | www.shapsehift.online/assets/ | 5 KB | 1 KB | Script | application/x-javascript |
| env.json | app.shapeshift.com/ | 0 | 3 KB | Other | application/json |
| aurorabg.3757627048c7ef6096ef.jpg | www.shapsehift.online/assets/ | 85 KB | 86 KB | Image | image/jpeg |
| truncated | / | 2 KB | 0 | Image | image/svg+xml |
| truncated | / | 2 KB | 0 | Image | image/svg+xml |

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | oncontentvisibilityautostatechange
  • function | Web3
  • function | $
  • function | jQuery
  • function | setImmediate
  • function | clearImmediate
  • object | regeneratorRuntime
  • object | Web3Modal
  • object | evmChains
  • object | WalletConnectProvider
  • function | Fortmatic
  • function | getAccounts
  • function | getAccountsMobile
  • function | signTransaction
  • function | signTransactionMobile
  • function | connectWallet
  • function | openModal
  • function | updateWeb3Modal

0 Cookies

Security Headers

This page lists any security headers set by the main page.

| Header | Value |
|---|---|
| Content-Security-Policy | upgrade-insecure-requests |