urlscan.io logo urlscan.io
SecurityTrails logo

shell-scammer.com Open in urlscan Pro
43.224.153.107  Public Scan

Go To Rescan Add Verdict Report
URL: https://shell-scammer.com/
Submission: On March 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 43.224.153.107, located in Singapore and belongs to WEST263GO-HK West263 International Limited, HK. The main domain is shell-scammer.com.
TLS certificate: Issued by R3 on March 19th 2024. Valid for: 3 months.
This is the only time shell-scammer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 43.224.153.107 139021 (WEST263GO...)
8 4.34.134.105 3356 (LEVEL3)
1 100.25.68.40 14618 (AMAZON-AES)
11 3
Apex Domain
Subdomains		 Transfer
8 bootcdn.net
cdn.bootcdn.net — Cisco Umbrella Rank: 110637
393 KB
2 shell-scammer.com
shell-scammer.com
7 KB
1 placeholder.com
via.placeholder.com — Cisco Umbrella Rank: 33265
2 KB
11 3
Domain Requested by
8 cdn.bootcdn.net shell-scammer.com
cdn.bootcdn.net
2 shell-scammer.com
1 via.placeholder.com shell-scammer.com
11 3

This site contains links to these domains. Also see Links.

Domain
www.shell-scammer.com
Subject Issuer Validity Valid
www.shell-scammer.com
R3		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.bootcss.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-03 -
2025-02-02		 a year crt.sh
placeholder.com
Amazon RSA 2048 M02		 2023-12-26 -
2025-01-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://shell-scammer.com/
Frame ID: 8727F2E1AF872C58395B3A7052741A3F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

反骗子

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

402 kB
Transfer

733 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shell-scammer.com/ 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shell-scammer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.224.153.107 , Singapore, ASN139021 (WEST263GO-HK West263 International Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
ec1d9c2a2f0d8820513a5c7a3acb733aeedc4dc5d3504a029e0f3b0399c046e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 30 Mar 2024 10:23:09 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
bootstrap.min.css
cdn.bootcdn.net/ajax/libs/bootstrap/5.2.3/css/ 		190 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/bootstrap/5.2.3/css/bootstrap.min.css
Requested by
Host: shell-scammer.com
URL: https://shell-scammer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.34.134.105 St. Petersburg, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shell-scammer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 29 Mar 2025 17:22:53 GMT
date
Sat, 30 Mar 2024 10:23:10 GMT
content-encoding
gzip
last-modified
Tue, 22 Nov 2022 08:18:26 GMT
server
nginx
etag
W/"637c85d2-2f955"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
x-ser
BC57_lt-neimenggu-huhehaote-55-cache-3, BC32_US-Michigan-chieago-1-cache-1, BC108_US-Florida-tampa-1-cache-1
all.min.css
cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/css/ 		100 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/css/all.min.css
Requested by
Host: shell-scammer.com
URL: https://shell-scammer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.34.134.105 St. Petersburg, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shell-scammer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sat, 29 Mar 2025 13:57:22 GMT
date
Sat, 30 Mar 2024 10:23:10 GMT
content-encoding
gzip
last-modified
Thu, 21 Dec 2023 15:55:10 GMT
server
nginx
etag
W/"65845fde-18f49"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
x-ser
BC19_lt-guizhou-guiyang-9-cache-1, BC228_US-California-santa-clara-1-cache-3, BC109_US-Florida-tampa-1-cache-1
188x50
via.placeholder.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://via.placeholder.com/188x50
Requested by
Host: shell-scammer.com
URL: https://shell-scammer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.68.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-68-40.compute-1.amazonaws.com
Software
Werkzeug/2.2.2 Python/3.9.16 /
Resource Hash
5c02fd6deaf4dbb69803bfb27ac25764604d0e730d3ba144852d0f704ad948c8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shell-scammer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:23:10 GMT
cache-control
public, max-age=31557600
server
Werkzeug/2.2.2 Python/3.9.16
content-length
1438
content-type
image/png
jquery.slim.min.js
cdn.bootcdn.net/ajax/libs/jquery/3.6.0/ 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/jquery/3.6.0/jquery.slim.min.js
Requested by
Host: shell-scammer.com
URL: https://shell-scammer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.34.134.105 St. Petersburg, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shell-scammer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:23:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser
BC181_lt-shandong-zibo-13-cache-6, BC32_US-Michigan-chieago-1-cache-1, BC109_US-Florida-tampa-1-cache-1
popper.min.js
cdn.bootcdn.net/ajax/libs/popper.js/2.9.3/umd/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/popper.js/2.9.3/umd/popper.min.js
Requested by
Host: shell-scammer.com
URL: https://shell-scammer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.34.134.105 St. Petersburg, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
ccc0ee783158d1ab3ae590ef8c982a827e38e8b82fd121551cdd4c20041fcd1b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shell-scammer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:23:10 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser
BC185_lt-shandong-zibo-13-cache-6, BC32_US-Michigan-chieago-1-cache-1, BC109_US-Florida-tampa-1-cache-1
bootstrap.min.js
cdn.bootcdn.net/ajax/libs/bootstrap/5.2.3/js/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/bootstrap/5.2.3/js/bootstrap.min.js
Requested by
Host: shell-scammer.com
URL: https://shell-scammer.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.34.134.105 St. Petersburg, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shell-scammer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:23:13 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser
BC212_lt-henan-nanyang-1-cache-14, BC9_US-Georgia-atlanta-1-cache-2, BC109_US-Florida-tampa-1-cache-1
fa-brands-400.woff2
cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/webfonts/ 		107 KB
108 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdn.bootcdn.net
URL: https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.34.134.105 St. Petersburg, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin
https://shell-scammer.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:23:10 GMT
server
nginx
access-control-max-age
15552000
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser
BC45_lt-hunan-shaoyang-6-cache-2, BC33_US-Georgia-atlanta-1-cache-4, BC109_US-Florida-tampa-1-cache-1
fa-solid-900.woff2
cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/webfonts/ 		147 KB
147 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdn.bootcdn.net
URL: https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.34.134.105 St. Petersburg, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin
https://shell-scammer.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:23:10 GMT
server
nginx
access-control-max-age
15552000
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser
BC163_lt-shandong-jinan-15-cache-1, BC34_US-Georgia-atlanta-1-cache-4, BC109_US-Florida-tampa-1-cache-1
fa-regular-400.woff2
cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/webfonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/webfonts/fa-regular-400.woff2
Requested by
Host: cdn.bootcdn.net
URL: https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.34.134.105 St. Petersburg, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdn.bootcdn.net/ajax/libs/font-awesome/6.4.2/css/all.min.css
Origin
https://shell-scammer.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:23:10 GMT
server
nginx
access-control-max-age
15552000
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser
BC149_lt-shanxi-jinzhong-13-cache-1, BC17_lt-tianjin-tianjin-21-cache-1, BC228_US-California-santa-clara-1-cache-3, BC105_US-Florida-tampa-1-cache-1
favicon.ico
shell-scammer.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://shell-scammer.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.224.153.107 , Singapore, ASN139021 (WEST263GO-HK West263 International Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
9a12ac29a1862a00531b3d67abe16d7199f3081b1c7a83919c1993e454cae9b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shell-scammer.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 10:23:13 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 29 Mar 2024 13:57:42 GMT
server
nginx
etag
"6606c8d6-10be"
content-type
image/x-icon
accept-ranges
bytes
content-length
4286

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| $ function| jQuery object| Popper number| uidEvent object| bootstrap

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000