shapeshift-btc.com Open in urlscan Pro
193.38.54.146 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shapeshift-btc.com/
Effective URL:
https://shapeshift-btc.com/
Submission Tags: 6722590
Submission: On August 07 via api (August 7th 2020, 9:58:31 am UTC) from NL

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 22 HTTP transactions. The main IP is 193.38.54.146, located in and belongs to SERVERIUS-AS, NL. The main domain is shapeshift-btc.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 2nd 2020. Valid for: 3 months.

This is the only time shapeshift-btc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2 10	193.38.54.146 193.38.54.146	50673 (SERVERIUS-AS) (SERVERIUS-AS)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
22	11

10 193.38.54.146 (None, ) 2 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: shapeshift.com

shapeshift-btc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	shapeshift-btc.com 2 redirects shapeshift-btc.com	389 KB
3	fontawesome.com use.fontawesome.com	85 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	33 KB
2	cloudflare.com cdnjs.cloudflare.com	8 KB
2	jquery.com code.jquery.com	190 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
1	tawk.to embed.tawk.to
1	gstatic.com fonts.gstatic.com	36 KB
22	9

	Domain	Requested by
10	shapeshift-btc.com	2 redirects shapeshift-btc.com ajax.googleapis.com
3	use.fontawesome.com	shapeshift-btc.com
2	counter.yadro.ru	1 redirects shapeshift-btc.com
2	maxcdn.bootstrapcdn.com	shapeshift-btc.com
2	cdnjs.cloudflare.com	shapeshift-btc.com
2	code.jquery.com	shapeshift-btc.com
1	embed.tawk.to	shapeshift-btc.com
1	fonts.gstatic.com	shapeshift-btc.com
1	fonts.googleapis.com	shapeshift-btc.com
1	ajax.googleapis.com	shapeshift-btc.com
22	10

This site contains no links.

Subject Issuer	Validity	Valid
shapeshift-btc.com Let's Encrypt Authority X3	`2020-08-02` - `2020-10-31`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://shapeshift-btc.com/
Frame ID: 18042D2DB8B9FAD4964729438B5F5EE6
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://shapeshift-btc.com/ HTTP 301
https://shapeshift-btc.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

10
Subdomains

11
IPs

5
Countries

772 kB
Transfer

2893 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shapeshift-btc.com/ HTTP 301
https://shapeshift-btc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://shapeshift-btc.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP 301
https://shapeshift-btc.com/

Request Chain 19

https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//shapeshift-btc.com/;hShapeShift%20Giveaway%20%7C%20Double%20your%20BTC%20right%20now%21;0.3586392482423464 HTTP 302
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//shapeshift-btc.com/;hShapeShift%20Giveaway%20%7C%20Double%20your%20BTC%20right%20now%21;0.3586392482423464

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
shapeshift-btc.com/
Redirect Chain

http://shapeshift-btc.com/
https://shapeshift-btc.com/

22 KB
7 KB

147ms
55ms

Document
text/html

193.38.54.146
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shapeshift-btc.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.38.54.146 -, , ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: shapeshift.com
Software: nginx /
Resource Hash: 28b738c21f31c465b5069e6dbd23ebf8c4bf2c407aea2d21e79579ce65b2f5b5

Request headers

Host: shapeshift-btc.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 07 Aug 2020 09:58:14 GMT
Content-Type: text/html
Content-Length: 6657
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sun, 02 Aug 2020 14:18:13 GMT
ETag: "5945-5abe5b149795b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 07 Aug 2020 09:58:14 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 235
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://shapeshift-btc.com/

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 155ms
30ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shapeshift-btc.com/
Origin: https://shapeshift-btc.com

Response headers

date: Fri, 07 Aug 2020 09:58:15 GMT
content-encoding: gzip
last-modified: Wed, 20 Jun 2018 20:19:16 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK style.css
shapeshift-btc.com/css/ 1 MB
21 KB 80ms
77ms Stylesheet
text/css 193.38.54.146
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shapeshift-btc.com/css/style.css
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.38.54.146 -, , ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: shapeshift.com
Software: nginx /
Resource Hash: f49c4a3d626ee02313cb64ead9b2eff8a9ca58318967273b5ec9007119d1ca02

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 09:58:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2020 14:54:40 GMT
Server: nginx
ETag: W/"5f203c30-1468e0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 08:04:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6806
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Aug 2021 08:04:48 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.11.4/ 460 KB
112 KB 30ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/jquery-ui.js
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 09:58:14 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2015 13:03:17 GMT
server: nginx
status: 200
etag: W/"55003d15-72e44"
vary: Accept-Encoding
x-hw: 1596794294.dop145.fr8.t,1596794294.cds210.fr8.hn,1596794294.cds125.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 114093

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 40ms
20ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 09:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15730818
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0469f46a840000dfb70d935200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:12 GMT
server: cloudflare
etag: W/"5afd494c-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5bf023573b70dfb7-FRA
expires: Wed, 28 Jul 2021 09:58:14 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
20 KB 27ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shapeshift-btc.com/
Origin: https://shapeshift-btc.com

Response headers

date: Fri, 07 Aug 2020 09:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:10 GMT
status: 200
etag: "1544639650"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 20563

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 36ms
16ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shapeshift-btc.com/
Origin: https://shapeshift-btc.com

Response headers

date: Fri, 07 Aug 2020 09:58:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15730818
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0469f46a840000d721932e1200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:25:14 GMT
server: cloudflare
etag: W/"5afd4a7a-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5bf023573a9fd721-FRA
expires: Wed, 28 Jul 2021 09:58:14 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
13 KB 32ms
12ms Script
text/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shapeshift-btc.com/
Origin: https://shapeshift-btc.com

Response headers

date: Fri, 07 Aug 2020 09:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:52 GMT
status: 200
etag: "1544639632"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 13105

GET
H/1.1 200
OK qr.png
shapeshift-btc.com/img/ 24 KB
24 KB 128ms
39ms Image
image/png 193.38.54.146
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shapeshift-btc.com/img/qr.png
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.38.54.146 -, , ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: shapeshift.com
Software: nginx /
Resource Hash: 20860d98aea8cb39057e2da1bb007951a65b4989c798e25a3c56d9354936f377

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 09:58:15 GMT
Last-Modified: Tue, 28 Jul 2020 14:54:43 GMT
Server: nginx
ETag: "5f203c33-5e20"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 24096
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK clipboard.js Show response
shapeshift-btc.com/js/ 13 KB
4 KB 45ms
45ms Script
application/javascript 193.38.54.146
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shapeshift-btc.com/js/clipboard.js
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.38.54.146 -, , ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: shapeshift.com
Software: nginx /
Resource Hash: 8d8c57ab9d01a67977288c3597656e37fa7fe2422f059ca16bb6295943aef864

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 09:58:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2020 14:54:44 GMT
Server: nginx
ETag: W/"5f203c34-3332"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

/ Show response
shapeshift-btc.com/
Redirect Chain

https://shapeshift-btc.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
https://shapeshift-btc.com/

22 KB
7 KB

67ms
55ms

Script
text/html

193.38.54.146
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shapeshift-btc.com/
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.38.54.146 -, , ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: shapeshift.com
Software: nginx /
Resource Hash: 28b738c21f31c465b5069e6dbd23ebf8c4bf2c407aea2d21e79579ce65b2f5b5

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 09:58:15 GMT
Content-Encoding: gzip
Last-Modified: Sun, 02 Aug 2020 14:18:13 GMT
Server: nginx
ETag: "5945-5abe5b149795b-gzip"
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 6657

Redirect headers

Location: https://shapeshift-btc.com/
Date: Fri, 07 Aug 2020 09:58:15 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 235
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 jquery-3.3.1.js Show response
code.jquery.com/ 265 KB
79 KB 9ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.js
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 09:58:15 GMT
content-encoding: gzip
last-modified: Sat, 20 Jan 2018 17:26:44 GMT
server: nginx
status: 200
etag: W/"5a637bd4-42587"
vary: Accept-Encoding
x-hw: 1596794295.dop145.fr8.t,1596794295.cds210.fr8.hn,1596794295.cds165.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 80268

GET
H2 200 css
fonts.googleapis.com/ 8 KB
781 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:400,500,600,700&disInter=swap

Requested by

Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f47d5cb08bf0d82d2af5081e24666562581598081b47bf64e824312916a8f8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Aug 2020 09:58:14 GMT
server: ESF
date: Fri, 07 Aug 2020 09:58:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Aug 2020 09:58:14 GMT

GET
H/1.1 200
OK bg.jpg
shapeshift-btc.com/img/ 301 KB
301 KB 44ms
43ms Image
image/jpeg 193.38.54.146
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shapeshift-btc.com/img/bg.jpg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.38.54.146 -, , ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: shapeshift.com
Software: nginx /
Resource Hash: 766dae9bc172978f1014f0c3a77fe4d968a41e79acb0198c9db0b18f902e1419

Request headers

Referer: https://shapeshift-btc.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 09:58:15 GMT
Last-Modified: Tue, 28 Jul 2020 14:54:42 GMT
Server: nginx
ETag: "5f203c32-4b395"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 308117
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v2/ 36 KB
36 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v2/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9bba27460b9836abf81fb74f66ce01b11aeebe183706bbc116ed2fdcb04433d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Inter:400,500,600,700&disInter=swap
Origin: https://shapeshift-btc.com

Response headers

date: Sat, 11 Jul 2020 06:49:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:37:45 GMT
server: sffe
age: 2344130
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36564
x-xss-protection: 0
expires: Sun, 11 Jul 2021 06:49:25 GMT

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 15 KB
15 KB 34ms
33ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-regular-400.woff2
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1669bec36f12c35a00a2d23cf71b6061c85b8435f5c26445aab338f88dfe6629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://shapeshift-btc.com

Response headers

date: Fri, 07 Aug 2020 09:58:15 GMT
last-modified: Wed, 20 Jun 2018 20:19:32 GMT
server: NetDNA-cache/2.2
status: 200
etag: "a3715c6fe264a51f1d9260b447ff46bc"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 14952

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 40ms
39ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://shapeshift-btc.com

Response headers

date: Fri, 07 Aug 2020 09:58:15 GMT
last-modified: Wed, 20 Jun 2018 20:19:36 GMT
server: NetDNA-cache/2.2
status: 200
etag: "18d2347ab2a9f40ca2247cdb03303d84"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 59572

GET
H2 404 default
embed.tawk.to/5f0650dc67771f3813c0af6e/ 0
0 551ms
534ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5f0650dc67771f3813c0af6e/default

Requested by

Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shapeshift-btc.com/
Origin: https://shapeshift-btc.com

Response headers

date: Fri, 07 Aug 2020 09:58:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
status: 404
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, s-maxage=2592000
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 5bf02359c983634d-FRA
cf-request-id: 0469f46c200000634d4e889200000001

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//shapeshift-btc.com/;hShapeShift%20Giveaway%20%7C%20Double%20your%20BTC%20right%20now%21;0.3586392482423464
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//shapeshift-btc.com/;hShapeShift%20Giveaway%20%7C%20Double%20your%20BTC%20right%20now%21;0.3586392482423464

130 B
584 B

67ms
66ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//shapeshift-btc.com/;hShapeShift%20Giveaway%20%7C%20Double%20your%20BTC%20right%20now%21;0.3586392482423464

Requested by

Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

383e1f880243a81995e28db70ba9c7ad737d5b3823908ae76858be605c8e7aa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://shapeshift-btc.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 09:58:15 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 130
Expires: Wed, 07 Aug 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 09:58:15 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//shapeshift-btc.com/;hShapeShift%20Giveaway%20%7C%20Double%20your%20BTC%20right%20now%21;0.3586392482423464
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 07 Aug 2019 21:00:00 GMT

GET
H/1.1 200
OK ready.png
shapeshift-btc.com/img/ 19 KB
19 KB 61ms
60ms Image
image/png 193.38.54.146
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shapeshift-btc.com/img/ready.png
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.38.54.146 -, , ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: shapeshift.com
Software: nginx /
Resource Hash: 17e334c2acc930caec9424cb87c1d714fc5b059091064413cadb3edb31109019

Request headers

Referer: https://shapeshift-btc.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 09:58:15 GMT
Last-Modified: Tue, 28 Jul 2020 14:54:43 GMT
Server: nginx
ETag: "5f203c33-4a2e"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 18990
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK trade.png
shapeshift-btc.com/img/ 5 KB
6 KB 39ms
39ms Image
image/png 193.38.54.146
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shapeshift-btc.com/img/trade.png
Requested by: Host: shapeshift-btc.com
URL: https://shapeshift-btc.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.38.54.146 -, , ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: shapeshift.com
Software: nginx /
Resource Hash: b3f1f99c245c84a35df49ca9ab77961beae8d2b943d32227765f3a92fb1e2c46

Request headers

Referer: https://shapeshift-btc.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 09:58:15 GMT
Last-Modified: Tue, 28 Jul 2020 14:54:43 GMT
Server: nginx
ETag: "5f203c33-1570"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 5488
Expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
counter.yadro.ru
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
shapeshift-btc.com
use.fontawesome.com
193.38.54.146
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:3b
23.111.9.35
2606:4700:10::6816:1883
2606:4700::6810:85e5
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:825::200a
88.212.201.198
0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1669bec36f12c35a00a2d23cf71b6061c85b8435f5c26445aab338f88dfe6629
17e334c2acc930caec9424cb87c1d714fc5b059091064413cadb3edb31109019
20860d98aea8cb39057e2da1bb007951a65b4989c798e25a3c56d9354936f377
28b738c21f31c465b5069e6dbd23ebf8c4bf2c407aea2d21e79579ce65b2f5b5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
383e1f880243a81995e28db70ba9c7ad737d5b3823908ae76858be605c8e7aa0
766dae9bc172978f1014f0c3a77fe4d968a41e79acb0198c9db0b18f902e1419
8d8c57ab9d01a67977288c3597656e37fa7fe2422f059ca16bb6295943aef864
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
b3f1f99c245c84a35df49ca9ab77961beae8d2b943d32227765f3a92fb1e2c46
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f47d5cb08bf0d82d2af5081e24666562581598081b47bf64e824312916a8f8a7
f49c4a3d626ee02313cb64ead9b2eff8a9ca58318967273b5ec9007119d1ca02
f9bba27460b9836abf81fb74f66ce01b11aeebe183706bbc116ed2fdcb04433d

shapeshift-btc.com Open in urlscan Pro 193.38.54.146 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

70 %IPv6

9 Domains

10 Subdomains

11 IPs

5 Countries

772 kBTransfer

2893 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

35 JavaScript Global Variables

0 Cookies

Indicators

shapeshift-btc.com Open in urlscan Pro
193.38.54.146 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

10
Subdomains

11
IPs

5
Countries

772 kB
Transfer

2893 kB
Size

0
Cookies

22 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!