urlscan.io logo urlscan.io
SecurityTrails logo

okx-usdt.shop Open in urlscan Pro
2606:4700:3034::ac43:b135  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://okx-usdt.shop/
Submission: On April 24 via manual from SC — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3034::ac43:b135, located in United States and belongs to CLOUDFLARENET, US. The main domain is okx-usdt.shop.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2024. Valid for: 3 months.
This is the only time okx-usdt.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
2 14 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
16 3
Apex Domain
Subdomains		 Transfer
16 okx-usdt.shop
okx-usdt.shop
api.okx-usdt.shop
349 KB
16 1
Domain Requested by
14 okx-usdt.shop 2 redirects okx-usdt.shop
2 api.okx-usdt.shop okx-usdt.shop
16 2

This site contains no links.

Subject Issuer Validity Valid
okx-usdt.shop
GTS CA 1P5		 2024-04-03 -
2024-07-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://okx-usdt.shop/
Frame ID: 67D2B821094E77025D9B405A21D6EE26
Requests: 12 HTTP requests in this frame

Frame: https://okx-usdt.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: 7F4211BEB8EA3313BE9AE8C7D1057E58
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://okx-usdt.shop/ Page URL
  2. https://okx-usdt.shop/cdn-cgi/phish-bypass?atok=GX0opO6dmI44HBdKI288T1juZizFFc1UIYJpupmfyUQ-171397... HTTP 301
    https://okx-usdt.shop/ Page URL

Page Statistics

16
Requests

81 %
HTTPS

100 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

348 kB
Transfer

1919 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://okx-usdt.shop/ Page URL
  2. https://okx-usdt.shop/cdn-cgi/phish-bypass?atok=GX0opO6dmI44HBdKI288T1juZizFFc1UIYJpupmfyUQ-1713975345-0.0.1.1-%2F HTTP 301
    https://okx-usdt.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://okx-usdt.shop/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://okx-usdt.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
okx-usdt.shop/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
169247b1adda6e0b67c4c0cf900bf8c99029518890b22ec99f1ba53abf4c4a41
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-ray
879764d3eff49ba0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 24 Apr 2024 16:15:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjzYgLeUEupNbv10ZD80A2TnZJWWxJ%2B77Ajg%2BzqTLQJhihQmJBxwA7l4QvuZ6Syx9BkWhA0PlsHcoGVzyVw4LQu6XBxhhStNn4vos8GkUyFGy1g4B8mlXIqQd8tBnJvGQ1%2B2d%2F5YnyxjqCn5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
okx-usdt.shop/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/cdn-cgi/styles/cf.errors.css
Requested by
Host: okx-usdt.shop
URL: https://okx-usdt.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://okx-usdt.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 16:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 20:54:07 GMT
server
cloudflare
etag
W/"6622d9ef-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
879764d4182e9ba0-FRA
expires
Wed, 24 Apr 2024 18:15:45 GMT
icon-exclamation.png
okx-usdt.shop/cdn-cgi/images/ 		452 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://okx-usdt.shop/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: okx-usdt.shop
URL: https://okx-usdt.shop/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://okx-usdt.shop/cdn-cgi/styles/cf.errors.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 16:15:45 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 20:54:07 GMT
server
cloudflare
etag
"6622d9ef-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
879764d428559ba0-FRA
content-length
452
expires
Wed, 24 Apr 2024 18:15:45 GMT
favicon.ico
okx-usdt.shop/ 		548 B
564 B 		Other
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://okx-usdt.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 16:15:45 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQg54bEcunKVPyONqv77NCZKZ2tsesXHGW2Y%2FPWIOdgSS%2BFtudZzQAgn4Wq55utuXmzmh0OsvcV4IEKZZ22YrDZKJ5EMvyFWTU4IHXF%2Fm4GnS0HjDWwCYXx5EPoUJSnaQ8ubSibwgSJxGAC%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
879764d4486e9ba0-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
okx-usdt.shop/
Redirect Chain
  • https://okx-usdt.shop/cdn-cgi/phish-bypass?atok=GX0opO6dmI44HBdKI288T1juZizFFc1UIYJpupmfyUQ-1713975345-0.0.1.1-%2F
  • https://okx-usdt.shop/
77 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c754f7c786242938fef2e5dbedd934b28a72ee000a430371347345b8b385d28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://okx-usdt.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
MISS
cf-ray
879764eaa83c9ba0-FRA
content-encoding
br
content-type
text/html
date
Wed, 24 Apr 2024 16:15:49 GMT
last-modified
Thu, 07 Mar 2024 05:06:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ttuVTHzS4k%2FUkBBoGBFJ%2BfVymtfsXkF1wI1R2jD9rgiIkfHNB4q3YUdHZo2E128JBNvBCq138M%2FZ5KmVv4Uc72PyCSZhx2lXkjVT46k3jPqteVe2qBVztfGmWjvVH9VjcTzmjsOpYcWT%2FWPV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache
cf-ray
879764ea981b9ba0-FRA
content-length
167
content-type
text/html
date
Wed, 24 Apr 2024 16:15:48 GMT
location
https://okx-usdt.shop/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
D3iRxHl5IO8584f95c.js
okx-usdt.shop/js/ 		1 MB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/js/D3iRxHl5IO8584f95c.js
Requested by
Host: okx-usdt.shop
URL: https://okx-usdt.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2bd815ec958e8ce594b4f950848454928ff8600172b4218f19205355b127e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://okx-usdt.shop/
Origin
https://okx-usdt.shop
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 16:15:50 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Mar 2024 05:06:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e94b46-11d9de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EpcMn35Zfw08pSYpW2kV9phPjqacRO2P6D%2BMzsncLwJcAgi1iPfZjBjf4FPGzPBz1yso32FDInqEcWGpkRKX8cmlBCkCcy%2B6f%2FqCU9eoToAuirEHohX%2BjzdC9tQDwFn2BHV8XavQggHOx9B0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
879764eead419ba0-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 24 May 2024 16:15:49 GMT
swiper.3987b858.js
okx-usdt.shop/js/ 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/js/swiper.3987b858.js
Requested by
Host: okx-usdt.shop
URL: https://okx-usdt.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601520d3347e7abbb78704a2c48d1cf5086981ec2718f04dfa2e32fc1b2240eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://okx-usdt.shop/
Origin
https://okx-usdt.shop
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 16:15:50 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Mar 2024 05:06:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e94b46-26c80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVJGfV0Khznitok4ZGzORrP5WOwEASIqA%2F7R1SSaD4WWrRNK%2BHlwmtssI3GPttlW%2BjfBQBKoKFOfdLVO02iPtqAmZY9Xzc%2BaxPHOwGNZkvG9OoGoQhb77Ygx6%2BAgIbInSzsfIzDyps7MUYr3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
879764eead449ba0-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 24 May 2024 16:15:49 GMT
wif1BKYtEY7c8ef494.css
okx-usdt.shop/assets/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/assets/wif1BKYtEY7c8ef494.css
Requested by
Host: okx-usdt.shop
URL: https://okx-usdt.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c8ef49407f27cee2a6f15174673a3d93a68ab0635a1aa0f6114cb2eb4a7078d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://okx-usdt.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 16:15:50 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Mar 2024 05:06:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e94b46-1931"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Srx%2BNTrFlZa8R2a2Oql9NZ0eUl3oPKKeiY4uw7iJzt2%2F1Zs8rN%2FmfnRXzgnuAgNA3T5zF%2FEWLPn5RTQa3Bw9%2BVyWu3X%2Brhkhi7P2h5kmdWCR8JQbv8ZgWTIVWy45eBpst1iyy4axYTKJgsel"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
879764eead469ba0-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 24 May 2024 16:15:49 GMT
3tAJNLi20Zdcc0f7b8.css
okx-usdt.shop/assets/ 		501 KB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/assets/3tAJNLi20Zdcc0f7b8.css
Requested by
Host: okx-usdt.shop
URL: https://okx-usdt.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c21041472dcbf45777ab3e88dd20251f2287f18fd2e4a1018758084f607a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://okx-usdt.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 16:15:50 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Mar 2024 05:06:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e94b46-7d37b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2Z9PmscrtjYqeqRVWdmyg3ni16uNyEtcIDH%2F5Sl9YxCsPSO%2B0%2F7lSeJFUHKhMPZ10oibN9mK1NToad1Qy80qQckAdORU%2BgfK9dfxFjIbH524UE4fXUMrgK9eLjfRa%2B%2FteDMyj9fVwEiWyfg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
879764eead489ba0-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 24 May 2024 16:15:49 GMT
get_lang_json
api.okx-usdt.shop/api/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.okx-usdt.shop/api/public/get_lang_json?d=1713975350495&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
st-ctime,st-lang,st-ttgn
Access-Control-Request-Method
GET
Origin
https://okx-usdt.shop
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
879764f4eb429a2f-FRA
content-type
text/html
date
Wed, 24 Apr 2024 16:15:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FDm18dSaAycL1Q0MyHxQxCUXqDfpRiGSHDBeXfqHnfFBivBRYlatoiSGzW4W%2FQwWpqP3C6ZvYtHLpsvYuUV11uPJ4%2FZkHafZcFVsnf4%2BnEhEOpLYdmSTBbxoJri4Ff8bAivCQm9%2F2BQrT99w323MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app_info
api.okx-usdt.shop/api/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.okx-usdt.shop/api/user/app_info?d=1713975350500&flag=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
st-ctime,st-lang,st-ttgn
Access-Control-Request-Method
GET
Origin
https://okx-usdt.shop
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
879764f4eb419a2f-FRA
content-type
text/html
date
Wed, 24 Apr 2024 16:15:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VYHDMU3GEwfoqjEdZBUCm4Oyq35L0fvLoaw7L92to5FccqkK3qIEzpSlzoUoAOislqUggY5Z3xlQ%2BTSUYW9BfuTITCKrC%2F5nBxt5P65B0CdeSYkSU8EBlWGoi%2BWec37eZ1loN9YyGKphrfMGnf%2F81Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
get_lang_json
api.okx-usdt.shop/api/public/ 		0
0
app_info
api.okx-usdt.shop/api/user/ 		0
0
main.js
okx-usdt.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame 7F42
Redirect Chain
  • https://okx-usdt.shop/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://okx-usdt.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Protocol
H3
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2dbac6255a7661813335d9237891c8ada8fde3c13e586f44ac983d0fbf9ceb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 16:15:50 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J9PSWBTJxRLFXa0dCK7jqOMzZk6wdkjS4izOR%2FWncVhmbm%2BMztGKl%2BDHo47s5%2BLFeDmiKY9akBkS4TaDqTU01eklGfDH0H1wk4AEficX4jDfiJ65rRnLwjlcbCELFTkK0GpMuj1evs%2Fz%2BhAz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
879764f4ceac9ba0-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 24 Apr 2024 16:15:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hdzjU%2FM3z5DMYttUUPRFYQpy23DT8ORCHYo0zdTajy090jOTvj1GwP4Z%2FrtxRPQ%2Bn2iBySN6FWKVsk0k4UabNv942jJBUT%2BWVlrM1EWVlyVOGDHEjiYBpCQ%2FLnPLE44I6anISpuMhLrsZyJ"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
879764f4ae809ba0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
879764eaa83c9ba0
okx-usdt.shop/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7F42 		0
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/cdn-cgi/challenge-platform/h/b/jsd/r/879764eaa83c9ba0
Requested by
Host: okx-usdt.shop
URL: https://okx-usdt.shop/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 Apr 2024 16:15:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KPzEpD77%2BbkLYfgh%2BAEc7qKabp14FIkpzk6Js%2FKqQysGQl%2Bv6gFbncyEuLDds9xqA%2BqDyJmRIvB9NqGX0GYbR2%2F0jqv2VCTjdD5Lr48tUy1eSEeq5XgnvKfqLMm%2FvPLcDH6AF0F%2Fh8IBPW%2Fl"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
879764f57faf9ba0-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
bflAUTFrUra6cf58b4.js
okx-usdt.shop/js/ 		728 B
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://okx-usdt.shop/js/bflAUTFrUra6cf58b4.js
Requested by
Host: okx-usdt.shop
URL: https://okx-usdt.shop/js/D3iRxHl5IO8584f95c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60971fe4f0c5927c2fe6a575f38920c59958d9c2eecf7dd1f32c0b12d52efe3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://okx-usdt.shop
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 16:15:51 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Mar 2024 05:06:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e94b46-2d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtriHa0lmPDcgM2PiX6QWXROpmHoXozeSp7vGLVaNIqdkehq9cioxhGTxExUqvfve0qzLE6VF5qc774Bqv0nFy774tH81EhI4gT26rcYixtVSEKkcamEiU03pmWfHkTOvUyJ0F4sKsWM3ujl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
879764f7cab89ba0-FRA
alt-svc
h3=":443"; ma=86400
expires
Fri, 24 May 2024 16:15:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.okx-usdt.shop
URL
https://api.okx-usdt.shop/api/public/get_lang_json?d=1713975350495&lang=en
Domain
api.okx-usdt.shop
URL
https://api.okx-usdt.shop/api/user/app_info?d=1713975350500&flag=false

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __INTLIFY_JIT_COMPILATION__ boolean| __INTLIFY_DROP_MESSAGE_COMPILER__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__

2 Cookies

Domain/Path Name / Value
.okx-usdt.shop/ Name: __cf_mw_byp
Value: GX0opO6dmI44HBdKI288T1juZizFFc1UIYJpupmfyUQ-1713975345-0.0.1.1-/
.okx-usdt.shop/ Name: cf_clearance
Value: 2BuRPQuNhBFJcLN86R4Uzchxcsvtd.9.Ef2tgw8WoKM-1713975350-1.0.1.1-aaJRr1ryjc8L93ifDIt8j3GmB0t5yz4PrJQf7tqiLFKuYRZg8lF7s0SWzkid7izCs3FizKXYQWkUNIc31VJaxg

10 Console Messages

Source Level URL
Text
network error URL: https://okx-usdt.shop/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation error URL: https://okx-usdt.shop/
Message:
Custom state pseudo classes are changing from ":--webkit-input-placeholder" to ":state(webkit-input-placeholder)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
deprecation error URL: https://okx-usdt.shop/
Message:
Custom state pseudo classes are changing from ":--webkit-input-placeholder" to ":state(webkit-input-placeholder)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
deprecation error URL: https://okx-usdt.shop/
Message:
Custom state pseudo classes are changing from ":--webkit-input-placeholder" to ":state(webkit-input-placeholder)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
deprecation error URL: https://okx-usdt.shop/
Message:
Custom state pseudo classes are changing from ":--webkit-input-placeholder" to ":state(webkit-input-placeholder)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
deprecation error URL: https://okx-usdt.shop/
Message:
Custom state pseudo classes are changing from ":--webkit-input-placeholder" to ":state(webkit-input-placeholder)" soon. See more here: https://github.com/w3c/csswg-drafts/issues/4805
javascript error URL: https://okx-usdt.shop/#/
Message:
Access to XMLHttpRequest at 'https://api.okx-usdt.shop/api/user/app_info?d=1713975350500&flag=false' from origin 'https://okx-usdt.shop' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.okx-usdt.shop/api/user/app_info?d=1713975350500&flag=false
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://okx-usdt.shop/#/
Message:
Access to XMLHttpRequest at 'https://api.okx-usdt.shop/api/public/get_lang_json?d=1713975350495&lang=en' from origin 'https://okx-usdt.shop' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.okx-usdt.shop/api/public/get_lang_json?d=1713975350495&lang=en
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN