Security Scan Report: shellshock.io

Site favicon
Submitted: Jul 7, 2026, 3:39:08 AMCompleted: Jul 7, 2026, 3:40:44 AMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 1 country across 8 domains to perform 2 HTTP transactions. The main domain is shellshock.io and was registered NaN years ago.

Submitted URL: https://shellshock.io

The Cisco Umbrella rank of the primary domain is #150,594 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 72%

5
Risk Score

The site shows a password‑only form and low domain ranking, indicating moderate risk of credential phishing despite its age and self‑branding.

Risk Factors
Password‑only form suggests possible credential harvesting
Low domain ranking for a site claiming to be the official game
Extensive list of advertising/tracking domains
Safety Factors
Domain is over 9 years old
No malicious JavaScript or network alerts detected
Self‑branding aligns with domain name
No external form submission or credential exfiltration observed
Domain age information unavailable

Details

Page Title

Shell Shockers 🍳 Also at shellplay.live

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(84%)

Domain Information

You're looking at domain 'shellshock.io' on the British Indian Ocean Territory country-code top-level domain (.io) with no subdomain. The core label 'shellshock' covers 10 characters with two vowels and eight consonants. Segmentation suggests two words: shell, shock. Median word length comes out to five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://shellshock.io

Page Load Overview

6.71s
Total Load Time
99
HTTP Requests
35
Domains
1.2 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:67,096 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software84% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

technology software
84%
entertainment media
71%
documentation technical
65%
government public service
63%
cryptocurrency blockchain
59%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
15142.251.14.94Google · CDNUnited States
AS15169Google LLC
12172.67.71.222Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
12104.16.80.73Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
12142.250.154.95Google · CDNUnited States
AS15169Google LLC
12172.67.69.62Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
12104.17.24.14Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
12104.17.208.5Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
12142.251.13.97Google · CDNUnited States
AS15169Google LLC
998--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DC9287690BFB04215637A02D4FEB6100723684070B1ECD15BFAC82999FD5FA989E7BF5

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:VsqVVymDPg+WIOfYgmQOJBd1u8vQYaO6Bx9wvnTjB9ByDUkL/NJthmEyASVOESIt:CqVBT7n9mx9wvnTVjyCiaRF+BQ

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:20650:S0sEVBBMKFoIgOIIMljBCQKtAvNl0RAKQsSExWwNg1kZEgiBcTBCKU4JJGBoASEoOKSSAAZgANeCGLgglFAkAAHBFWWgoAEA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e7ffffffffff
Perceptual Hash:b33331cccccccc33
Difference Hash:000c0c0000000000
Wavelet Hash:ffe7e7ff00000000
Color Hash:#6cc1e0

Other Hashes

Crop Resistant:000c0c0000000000

Scan History

Scan history not available

Unable to load historical scan data